Release date:
2025-12-05 18:12:51 UTC
Description:
* SECURITY UPDATE: Marvin Attack vulnerability in Node.js
– debian/patches/CVE-2023-46809.patch: fixes a timing‑side‑channel
flaw in the RSA PKCS#1 v1.5 decryption logic, preventing a Marvin‑style
padding‑oracle attack that could allow recovery of sensitive data.
– CVE-2023-46809
Updated packages:
-
alt-nodejs14-docs_14.21.3-11_amd64.deb
sha:00a0a65462916cb8722cdcd0edd09bc4a18083a8
-
alt-nodejs14-nodejs_14.21.3-11_amd64.deb
sha:31f20c6fc599f7cf5fb9ecb44467b5623278613f
-
alt-nodejs14-nodejs-devel_14.21.3-11_amd64.deb
sha:6a0ffe6fb8159da760ad485fee5516129f65cc9d
-
alt-nodejs14-npm_6.14.18-14.21.3.11_amd64.deb
sha:29e6b38af4ee8768d24549c42d4bbfad0ade86b4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
