An update that solves two vulnerabilities and has one errata is now available.
Description:
This update for nodejs6 to version 6.14.4 fixes the following issues:
Security issues fixed:
CVE-2018-12115: Fixed an out-of-bounds (OOB) write in Buffer.write() for UCS-2 encoding (bsc#1105019) CVE-2018-0732: Upgrade to OpenSSL 1.0.2p, fixing a client DoS due to large DH parameter (bsc#1097158)
Other issues fixed:
- Recommend same major version npm package (bsc#1097748)
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: