Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package patchinfo.16711 for openSUSE:Leap:15.2:Update checked in at 2021-07-19 23:03:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.16711 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.16711.new.2632 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.16711" Mon Jul 19 23:03:56 2021 rev:1 rq:906547 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="16711"> <issue tracker="cve" id="2021-3449"/> <issue tracker="cve" id="2020-7774"/> <issue tracker="cve" id="2021-27290"/> <issue tracker="cve" id="2021-22918"/> <issue tracker="cve" id="2021-23362"/> <issue tracker="cve" id="2021-3450"/> <issue tracker="bnc" id="1183852">VUL-0: CVE-2021-3449: openssl-1_1: NULL pointer deref in signature_algorithms processing</issue> <issue tracker="bnc" id="1187973">VUL-0: CVE-2021-22918: nodejs10,nodejs12,nodejs14,nodejs,libuv: libuv upgrade - Out of bounds read</issue> <issue tracker="bnc" id="1184450">VUL-0: CVE-2020-7774: nodejs8, nodejs10, nodejs12, nodejs14: y18n Prototype Pollution</issue> <issue tracker="bnc" id="1187977">VUL-0: CVE-2021-23362: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS)</issue> <issue tracker="bnc" id="1183155">nodejs on i586 fails to build very often</issue> <issue tracker="bnc" id="1183851">VUL-0: CVE-2021-3450: openssl-1_1: CA certificate check bypass with X509_V_FLAG_X509_STRICT</issue> <issue tracker="bnc" id="1187976">VUL-0: CVE-2021-27290: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - ssri Regular Expression Denial of Service (ReDoS)</issue> <packager>adamm</packager> <rating>important</rating> <category>security</category> <summary>Security update for nodejs10</summary> <description>This update for nodejs10 fixes the following issues: Update nodejs10 to 10.24.1. Including fixes for - CVE-2021-22918: libuv upgrade - Out of bounds read (bsc#1187973) - CVE-2021-27290: ssri Regular Expression Denial of Service (bsc#1187976) - CVE-2021-23362: hosted-git-info Regular Expression Denial of Service (bsc#1187977) - CVE-2020-7774: y18n Prototype Pollution (bsc#1184450) - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (bsc#1183851) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (bsc#1183852) - reduce memory footprint of test-worker-stdio (bsc#1183155) This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo>
