Advisory: CLSA-2025:1765365113
OS: EL 8
Public date: 2025-12-10 11:11:55.134356
Project: nodejs
Version: 16.20.2-4.el8
Errata link: https://errata.tuxcare.com/els_alt_nodejs/el8/CLSA-2025-1765365113.html
- CVE-2023-46809: fixes a timing‑side‑channel flaw in the RSA PKCS#1 v1.5 decryption logic, preventing a Marvin‑style padding‑oracle attack that could allow recovery of sensitive data.
Update command: yum update alt-nodejs*
alt-nodejs16-nodejs-16.20.2-4.el8.x86_64.rpm alt-nodejs16-nodejs-devel-16.20.2-4.el8.x86_64.rpm alt-nodejs16-nodejs-docs-16.20.2-4.el8.noarch.rpm alt-nodejs16-npm-8.19.4-16.20.2.4.el8.x86_64.rpm