import nodejs-16.4.2-1.module+el8.5.0+11750+ee0c1cc9

2021-07-13 04:43:50 +00:00 · 2021-07-13 04:43:50 +00:00 · 23f5c6f8ae
commit 23f5c6f8ae
parent 25f0bc0439
3 changed files with 21 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
 SOURCES/icu4c-69_1-src.tgz
-SOURCES/node-v16.1.0-stripped.tar.gz
+SOURCES/node-v16.4.2-stripped.tar.gz
--- a/.nodejs.metadata
+++ b/.nodejs.metadata
@ -1,2 +1,2 @@
 620a71c84428758376baa0fb81a581c3daa866ce SOURCES/icu4c-69_1-src.tgz
-0feb4d74d3f7996cb63932537ee9cdb4d46b0fc6 SOURCES/node-v16.1.0-stripped.tar.gz
+7a256b1c471ab300c71772134c53d6ed8390a7d0 SOURCES/node-v16.4.2-stripped.tar.gz
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@ -25,8 +25,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 16
-%global nodejs_minor 1
-%global nodejs_patch 0
+%global nodejs_minor 4
+%global nodejs_patch 2
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 93
@ -40,9 +40,9 @@
 # Epoch is set to ensure clean upgrades from the old v8 package
 %global v8_epoch 2
 %global v8_major 9
-%global v8_minor 0
-%global v8_build 257
-%global v8_patch 24
+%global v8_minor 1
+%global v8_build 269
+%global v8_patch 36
 # V8 presently breaks ABI at least every x.y release while never bumping SONAME
 %global v8_abi %{v8_major}.%{v8_minor}
 %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch}
@ -58,18 +58,18 @@
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_major 6
 %global llhttp_minor 0
-%global llhttp_patch 1
+%global llhttp_patch 2
 %global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}

 # libuv - from deps/uv/include/uv/version.h
 %global libuv_major 1
-%global libuv_minor 40
+%global libuv_minor 41
 %global libuv_patch 0
 %global libuv_version %{libuv_major}.%{libuv_minor}.%{libuv_patch}

 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
 %global nghttp2_major 1
-%global nghttp2_minor 41
+%global nghttp2_minor 42
 %global nghttp2_patch 0
 %global nghttp2_version %{nghttp2_major}.%{nghttp2_minor}.%{nghttp2_patch}

@ -118,8 +118,8 @@
 # npm - from deps/npm/package.json
 %global npm_epoch 1
 %global npm_major 7
-%global npm_minor 11
-%global npm_patch 2
+%global npm_minor 18
+%global npm_patch 1
 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}

 # uvwasi - from deps/uvwasi/include/uvwasi.h
@ -400,7 +400,8 @@ export LDFLAGS="%{build_ldflags}"
           --shared-brotli \
           --with-dtrace \
           --with-intl=small-icu \
-           --openssl-use-def-ca-store
+           --openssl-use-def-ca-store \
+           --openssl-default-cipher-list=PROFILE=SYSTEM
 %else
 %{__python3} configure.py --prefix=%{_prefix} \
           --shared-openssl \
@ -411,7 +412,8 @@ export LDFLAGS="%{build_ldflags}"
           --with-dtrace \
           --with-intl=small-icu \
           --with-icu-default-data-dir=%{icudatadir} \
-           --openssl-use-def-ca-store
+           --openssl-use-def-ca-store \
+           --openssl-default-cipher-list=PROFILE=SYSTEM
 %endif

 %if %{?with_debug} == 1
@ -680,6 +682,11 @@ end


 %changelog
+* Fri Jul 09 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.4.2-1
+- Resolves: RHBZ#1979847
+- Resolves CVE-2021-22918(libuv)
+- Use system cipher list(1842826, 1952915)
+
 * Tue May 11 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.1.0-1
 - Resolves: RHBZ#1953991
 - Rebase to v16.x