8403 moderate openSUSE Leap 15.0 Update This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed: - CVE-2018-7167: Calling Buffer.fill() or Buffer.alloc() with some parameters could have lead to a hang which could have resulted in a DoS (bsc#1097375). - CVE-2018-7161: By interacting with the http2 server in a manner that triggered a cleanup bug where objects are used in native code after they are no longer available an attacker could have caused a denial of service (DoS) by causing a node server providing an http2 server to crash (bsc#1097404). - CVE-2018-1000168: Fixed a denial of service vulnerability by unbundling nghttp2 (bsc#1097401) This update was imported from the SUSE:SLE-15:Update update project. nodejs8-8.11.3-lp150.2.3.1.src.rpm nodejs8-8.11.3-lp150.2.3.1.x86_64.rpm nodejs8-debuginfo-8.11.3-lp150.2.3.1.x86_64.rpm nodejs8-debugsource-8.11.3-lp150.2.3.1.x86_64.rpm nodejs8-devel-8.11.3-lp150.2.3.1.x86_64.rpm nodejs8-docs-8.11.3-lp150.2.3.1.noarch.rpm npm8-8.11.3-lp150.2.3.1.x86_64.rpm nodejs8-8.11.3-lp150.2.3.1.i586.rpm nodejs8-debuginfo-8.11.3-lp150.2.3.1.i586.rpm nodejs8-debugsource-8.11.3-lp150.2.3.1.i586.rpm nodejs8-devel-8.11.3-lp150.2.3.1.i586.rpm npm8-8.11.3-lp150.2.3.1.i586.rpm