[SECURITY] Fedora 20 Update: nodejs-send-0.3.0-4.fc20

Send is Connect's static extracted for generalized use, a streaming static file server supporting partial responses Ranges, conditional-GET negotiation, high test coverage, and granular events which may be leveraged to take appropriate actions in your application or framework...

[SECURITY] Fedora 20 Update: nodejs-qs-0.6.6-3.fc20

This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others...

[SECURITY] Fedora 19 Update: nodejs-qs-0.6.6-3.fc19

This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others...

[SECURITY] Fedora 19 Update: nodejs-send-0.3.0-4.fc19

Send is Connect's static extracted for generalized use, a streaming static file server supporting partial responses Ranges, conditional-GET negotiation, high test coverage, and granular events which may be leveraged to take appropriate actions in your application or framework...

Fedora 19 : nodejs-qs-0.6.6-3.fc19 (2014-11399)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

Fedora 20 : nodejs-qs-0.6.6-3.fc20 (2014-11376)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

Fedora 19 : nodejs-send-0.3.0-4.fc19 (2014-11495)

When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example, staticdirname + '/public' would allow access to dirname + '/public-restricted'...

Fedora Update for nodejs FEDORA-2014-11065

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for nodejs FEDORA-2014-10975

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: nodejs-send-0.3.0-4.fc21

Send is Connect's static extracted for generalized use, a streaming static file server supporting partial responses Ranges, conditional-GET negotiation, high test coverage, and granular events which may be leveraged to take appropriate actions in your application or framework...

[SECURITY] Fedora 21 Update: nodejs-qs-0.6.6-3.fc21

This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others...

Fedora 21 : nodejs-qs-0.6.6-3.fc21 (2014-11309)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

Fedora 21 : nodejs-send-0.3.0-4.fc21 (2014-11289)

When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example, staticdirname + '/public' would allow access to dirname + '/public-restricted'...

OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)

OpenSSL and Breaking UTF-8 Change fixed in Node v0.8.27 and v0.10.29 Today we are releasing new versions of Node: node-v0.8.27 node-v0.10.29 First and foremost these releases address the current OpenSSL vulnerability CVE-2014-0224, for both 0.8 and 0.10 we've upgraded the version of the bundled...

openSUSE Security Update : nodejs (openSUSE-SU-2013:1863-1)

This update fixes the following security issue with nodejs : - fix CVE-2013-4450: nodejs: HTTP Pipelining DoS bnc846808 CVE-2013-4450-v0.10.x.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

[oss-security] CVE request: various NodeJS module vulnerabilities

Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...

Nodejs js-yaml load() Code Execution (CVE-2013-4660)

A JavaScript Code Execution vulnerability has been reported in Nodejs...

Fedora 20 : libuv-0.10.18-1.fc20 / nodejs-0.10.21-1.fc20 (2013-19512)

This release contains a security fix for the http server implementation, please upgrade as soon as possible. For more information, see . 2013.10.18, node.js Version 0.10.21 Stable - crypto: clear errors from verify failure Timothy J Fontaine - dtrace: interpret two byte strings Dave Pacheco - fs:...

Fedora Update for nodejs FEDORA-2013-19491

Check for the Version of nodejs OpenVAS Vulnerability Test Fedora Update for nodejs FEDORA-2013-19491 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for nodejs FEDORA-2013-19491

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...