{"affected":[{"ecosystem_specific":{"binaries":[{"nodejs6":"6.17.0-11.24.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"nodejs6","purl":"pkg:rpm/suse/nodejs6&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.17.0-11.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"nodejs6":"6.17.0-11.24.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud Crowbar 8","name":"nodejs6","purl":"pkg:rpm/suse/nodejs6&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.17.0-11.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"nodejs6":"6.17.0-11.24.1","nodejs6-devel":"6.17.0-11.24.1","nodejs6-docs":"6.17.0-11.24.1","npm6":"6.17.0-11.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","name":"nodejs6","purl":"pkg:rpm/suse/nodejs6&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.17.0-11.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"nodejs6":"6.17.0-11.24.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 4","name":"nodejs6","purl":"pkg:rpm/suse/nodejs6&distro=SUSE%20Enterprise%20Storage%204"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.17.0-11.24.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for nodejs6 to version 6.17.0 fixes the following issues:\n\nSecurity issues fixed:\n\n\n- CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service \n  when HTTP connection are kept active (bsc#1127533).\n- CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Service\n  when HTTP connection are kept active (bsc#1127532).\n- CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances \n  a TLS server can be forced to respond differently to a client and lead to the decryption of the data (bsc#1127080).\n\nRelease Notes: https://nodejs.org/en/blog/release/v6.17.0/    \n","id":"SUSE-SU-2019:0818-1","modified":"2019-03-29T17:03:45Z","published":"2019-03-29T17:03:45Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190818-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1127080"},{"type":"REPORT","url":"https://bugzilla.suse.com/1127532"},{"type":"REPORT","url":"https://bugzilla.suse.com/1127533"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-1559"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5739"}],"related":["CVE-2019-1559","CVE-2019-5737","CVE-2019-5739"],"summary":"Security update for nodejs6","upstream":["CVE-2019-1559","CVE-2019-5737","CVE-2019-5739"]}