Advisories ยป MGASA-2020-0131

Updated http-parser packages fix security vulnerability

Publication date: 08 Mar 2020
Modification date: 08 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-15605

Description

http-parser has been updated to fix a security issue.

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload
delivery when transfer-encoding is malformed (VE-2019-15605).

References

SRPMS

7/core