[ubuntu/jammy-security] nodejs 12.22.9~dfsg-1ubuntu3.3 (Accepted)
Amir Naseredini
amir.naseredini at canonical.com
Wed Jan 3 09:33:10 UTC 2024
nodejs (12.22.9~dfsg-1ubuntu3.3) jammy-security; urgency=medium
* SECURITY UPDATE: Obtain Sensitive Information
- debian/patches/CVE-2022-4304.patch: fixed a timing based side channel in
the OpenSSL RSA Decryption implementation
- debian/patches/CVE-2023-0286.patch: fixed a type confusion vulnerability
in GENERAL_NAME_cmp function
- CVE-2022-4304
- CVE-2023-0286
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-4450.patch: fixed an issue that will result in a
crash in PEM_read_bio_ex function
- debian/patches/CVE-2023-0215.patch: fixed a use-after-free issue in
BIO_new_NDEF function
- debian/patches/CVE-2023-0401.patch: fixed a NULL pointer dereference in
PKCS7
- CVE-2022-4450
- CVE-2023-0215
- CVE-2023-0401
Date: 2024-01-02 15:40:10.985615+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/12.22.9~dfsg-1ubuntu3.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list