Debian Security Advisory 5170-1

Debian Security Advisory 5170-1: Posted Jun 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5170-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2022-21824; SHA-256 | 02c22c0c690787980900a20bd2fbcd3897504bf8d273ec8ab1b192278ce7ab7b; Download | Favorite | View

Debian Security Advisory 5170-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5170-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 27, 2022                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nodejs
CVE ID         : CVE-2021-22959 CVE-2021-22960 CVE-2021-44532 CVE-2021-44533 
                 CVE-2022-21824 CVE-2021-44531

Multiple vulnerabilities were discovered in Node.js, which could result in
HTTP request smuggling, a bypass of certificate verification or prototype
pollution.

For the stable distribution (bullseye), these problems have been fixed in
version 12.22.12~dfsg-1~deb11u1.

We recommend that you upgrade your nodejs packages.

For the detailed security status of nodejs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nodejs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmK5+foACgkQEMKTtsN8
TjbGrg/+PU+oRJ5ARjKwXR1aCdxMvhdzanyaAP7nVeo+iHQwl+13U958e9TpadqX
5gBmmlkWM7vcHHr5Anw6gGptF5L2NTj/Hid4SDFswNLCzqbIm9eIl0FFg2n7ilGD
ISZtXEV089UUzCSat1Nk3A7eq3ShESWciFhHkwhejZKzcTJgbzAPFbZSazOfYaXP
JREl8OnFg9WWO27gj/zkjHhsG/ZPgJjoGagSfpIuEx3KL/KOiG3eJmJtjS68RVTF
D6Zg6P8iFmQLy/PKZycPXEm5Jp5Zrtan4N6yJl3EHFdjcJTJSmCZy0HlLL97eRle
kVQI5/KgH9Ev1VYPycOg+cPPaBDLpoFO7OtzhZLmq4/IUsEKHOMeNTKZQWYXjDzl
nLANjnHGt7pfw2poXRgblzSikJHiAurJRGarP4k0ebGyy8B6nKrQUlgDI0u4y48z
JiqsP95mwCvwFlrjxSTjG5R7AsEuszytqejyxeg5qqkkQKSONsLj02Eav+QqInUS
D9dHEl4eoBx529Fu3ZWBfTxe4avxFm/HDw2FJDxz0ciP7S/H0+5TyFwym3tmQpY8
pXD49bVCoE5my4JeDEhpZp1YrsQFTv3RUqqLp3T1uUlsdON4Jz3RP4WX4dzIRte+
fJO6fg+26+h7VykuyWSKYYEyFy1dDmGypc93KfNMrU75BztQpsI=
=ELbx
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 5170-1

Debian Security Advisory 5170-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5170-1

Share This

Debian Security Advisory 5170-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems