Security update for nodejs4 (moderate)

2019-03-28T21:11:37
ID OPENSUSE-SU-2019:1076-1
Type suse
Reporter Suse
Modified 2019-03-28T21:11:37

Description

This update for nodejs4 fixes the following issues:

Security issues fixed:

  • CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active (bsc#1127533).
  • CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active (bsc#1127532).
  • CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a client and lead to the decryption of the data (bsc#1127080).

This update was imported from the SUSE:SLE-12:Update update project.