Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package patchinfo.15862 for openSUSE:Leap:15.2:Update checked in at 2021-02-27 22:33:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.15862 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.15862.new.2378 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.15862" Sat Feb 27 22:33:21 2021 rev:1 rq:875566 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="15862"> <issue tracker="cve" id="2021-23840"/> <issue tracker="cve" id="2021-22884"/> <issue tracker="cve" id="2021-22883"/> <issue tracker="bnc" id="1182620">VUL-0: CVE-2021-22884: nodejs10,nodejs12,nodejs14,nodejs: DNS rebinding in --inspect</issue> <issue tracker="bnc" id="1182333">VUL-1: CVE-2021-23840: openssl-1_0_0,openssl1,compat-openssl098,openssl-1_1,openssl: Integer overflow in CipherUpdate</issue> <issue tracker="bnc" id="1182619">VUL-0: CVE-2021-22883: nodejs10,nodejs12,nodejs14,nodejs: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion</issue> <packager>adamm</packager> <rating>important</rating> <category>security</category> <summary>Security update for nodejs12</summary> <description>This update for nodejs12 fixes the following issues: New upstream LTS version 12.21.0: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion (bsc#1182619) - CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620) - CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate (bsc#1182333) This update was imported from the SUSE:SLE-15-SP2:Update update project.</description> </patchinfo>