|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2019:2258-1 (http-parser)



From:
              Farhan Ahmed <fahmed@fnal.gov> 


To:
              scientific-linux-errata@listserv.fnal.gov 


Subject:
              Security ERRATA Moderate: http-parser on SL7.x x86_64 


Date:
              Mon, 26 Aug 2019 19:03:18 -0000


Message-ID:
              <20190826190318.484.73146@slpackages.fnal.gov>


Synopsis: Moderate: http-parser security update
Advisory ID:       SLSA-2019:2258-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2018-7159
                   CVE-2018-12121
--

Security Fix(es):

* nodejs: Denial of Service with large HTTP headers (CVE-2018-12121)

* nodejs: HTTP parser allowed for spaces inside Content-Length header
values (CVE-2018-7159)
--

SL7
  x86_64
    http-parser-2.7.1-8.el7.i686.rpm
    http-parser-2.7.1-8.el7.x86_64.rpm
    http-parser-devel-2.7.1-8.el7.x86_64.rpm
    http-parser-devel-2.7.1-8.el7.i686.rpm
    http-parser-debuginfo-2.7.1-8.el7.i686.rpm
    http-parser-debuginfo-2.7.1-8.el7.x86_64.rpm

- Scientific Linux Development Team
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds