import UBI nodejs-16.20.2-1.el9_2

.gitignore

@@ -1,6 +1,6 @@
 SOURCES/cjs-module-lexer-1.2.2.tar.gz
 SOURCES/icu4c-71_1-src.tgz
-SOURCES/node-v16.20.1-stripped.tar.gz
+SOURCES/node-v16.20.2-stripped.tar.gz
 SOURCES/undici-5.20.0.tar.gz
 SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
 SOURCES/wasi-sdk-wasi-sdk-14.tar.gz

.nodejs.metadata

@@ -1,6 +1,6 @@
 b0a91341ecf6c68a9d59a1c57d000fbbcc771679 SOURCES/cjs-module-lexer-1.2.2.tar.gz
 406b0c8635288b772913b6ff646451e69748878a SOURCES/icu4c-71_1-src.tgz
-dd58f4942a016f232a06e36fae6cc43c387e2f66 SOURCES/node-v16.20.1-stripped.tar.gz
-a96c780a67c578c31e9c8d291e357b2ae98a0ce5 SOURCES/undici-5.20.0.tar.gz
+0024086ed6090aaea422fb2bd329f898bf924df6 SOURCES/node-v16.20.2-stripped.tar.gz
+0b3e890fd45200fb3a2fdc14408cc51e23990480 SOURCES/undici-5.20.0.tar.gz
 8979d177dd62e3b167a6fd7dc7185adb0128c439 SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
 900a50a32f0079d53c299db92b88bb3c5d2022b8 SOURCES/wasi-sdk-wasi-sdk-14.tar.gz

SPECS/nodejs.spec

@@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 2
+%global baserelease 1
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -42,7 +42,7 @@
 %global nodejs_epoch 1
 %global nodejs_major 16
 %global nodejs_minor 20
-%global nodejs_patch 1
+%global nodejs_patch 2
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 93
@@ -722,6 +722,10 @@ end
 
 
 %changelog
+* Wed Aug 30 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.20.2-1
+- Rebase to 16.20.2
+  Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
+
 * Mon Jul 31 2023 Honza Horak <hhorak@redhat.com> - 1:16.20.1-2
 - Fix segfault that happens when processing fips-related options
   Resolves: BZ#2227796