Hello community, here is the log from the commit of package patchinfo.4104 for openSUSE:13.1:Update checked in at 2015-11-18 14:49:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.4104 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.4104.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.4104" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ --- /var/tmp/diff_new_pack.FPoKsq/_old 2015-11-18 14:50:13.000000000 +0100 +++ /var/tmp/diff_new_pack.FPoKsq/_new 2015-11-18 14:50:13.000000000 +0100 @@ -1,14 +1,16 @@ -<patchinfo> +<patchinfo incident="4104"> + <issue id="948045" tracker="bnc">Nodejs 4.0 rpm does not install addon-rpm.gypi</issue> + <issue id="948602" tracker="bnc">VUL-0: CVE-2015-7384: nodejs: HTTP Denial of Service Vulnerability</issue> + <issue id="CVE-2015-7384" tracker="cve" /> <category>security</category> - <rating>low</rating> + <rating>important</rating> <packager>MargueriteSu</packager> - <summary>fix boo#948602 boo#948045</summary> - <description> -* boo#948602/cve#2015-7384: HTTP Denial of Service Vulnerability -* boo#948045: addon-rpm.gypi wasn't installed -* Leap: update nodejs to 4.2.1 from 0.12.7 + <description>nodejs was updated to version 4.2.1 to fix one security issue. + +This security issue was fixed: +- CVE-2015-7384: HTTP Denial of Service Vulnerability (bsc#948602). + +Various other issues were fixed, please see the changelog. </description> - <issue tracker="cve" id="2015-7384"/> - <issue tracker="bnc" id="948045"/> - <issue tracker="bnc" id="948602"/> + <summary>Security update for nodejs</summary> </patchinfo>