9487 important openSUSE Leap 42.3 Update This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652) - CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka "PortSmash") (bsc#1113534) - CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625) - CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626) - CVE-2018-12122: Fixed the "Slowloris" HTTP Denial of Service (bsc#1117627) - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630) - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629) This update was imported from the SUSE:SLE-12:Update update project. nodejs4-4.9.1-20.1.i586.rpm nodejs4-4.9.1-20.1.src.rpm nodejs4-debuginfo-4.9.1-20.1.i586.rpm nodejs4-debugsource-4.9.1-20.1.i586.rpm nodejs4-devel-4.9.1-20.1.i586.rpm nodejs4-docs-4.9.1-20.1.noarch.rpm npm4-4.9.1-20.1.i586.rpm nodejs4-4.9.1-20.1.x86_64.rpm nodejs4-debuginfo-4.9.1-20.1.x86_64.rpm nodejs4-debugsource-4.9.1-20.1.x86_64.rpm nodejs4-devel-4.9.1-20.1.x86_64.rpm npm4-4.9.1-20.1.x86_64.rpm