From 27fc3aecc62243816beca1e5e4cedc7b2a4582cf Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Thu, 10 Aug 2023 10:42:29 +0200 Subject: [PATCH] Rebase to new security release Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high) Address CVE-2023-32006, CVE-2023-32559 (medium) Address CVE-2023-32005, CVE-2023-32003 (low) Resolves: #2186717 Resolves RHELPLAN-155639 --- .gitignore | 1 + nodejs.spec | 10 +++++++++- sources | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 9d27144..19a4290 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,4 @@ /node-v20.5.0-stripped.tar.gz /icu4c-73_2-src.tgz /undici-5.22.1.tar.gz +/node-v20.5.1-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index d71fbbd..eaf69b9 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -44,7 +44,7 @@ %global nodejs_epoch 1 %global nodejs_major 20 %global nodejs_minor 5 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h %global nodejs_soversion 115 @@ -634,6 +634,14 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod %changelog +* Thu Aug 10 2023 Zuzana Svetlikova - 1:20.5.1-1 +- Rebase to new security release +- Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high) +- Address CVE-2023-32006, CVE-2023-32559 (medium) +- Address CVE-2023-32005, CVE-2023-32003 (low) +- Resolves: #2186717 +- Resolves RHELPLAN-155639 + * Thu Jul 27 2023 Zuzana Svetlikova - 1:20.5.0-1 - Update to v20.5.0 - Remove dtrace support diff --git a/sources b/sources index d2b06cb..2d3980e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (node-v20.5.0-stripped.tar.gz) = 46056ee170ef87819e64365a86930d0730b22562250c1d66a214a00e9ab21b4165f7a5d90b10195ae9e216ffdb71ad648b55a1d454db9bed3e1478549abe724a +SHA512 (node-v20.5.1-stripped.tar.gz) = d0d9fe30b502e3e2f95ed2cecf1ee1365f36978b85feb50f3551369aa7fdf19341809dfbd0de59ddf347738ba8b3c00ae8da2b53cf3166fb8c1e48edb20166a2 SHA512 (icu4c-73_2-src.tgz) = 76dd782db6205833f289d7eb68b60860dddfa3f614f0ba03fe7ec13117077f82109f0dc1becabcdf4c8a9c628b94478ab0a46134bdb06f4302be55f74027ce62 SHA512 (undici-5.22.1.tar.gz) = d372c6d5b9705901d3377a3d1ab2b42b7b8cb66b0d9d427843ab1f8ca15da7a7b1d5895280c54d71507112534ca9f1d934c647159f74b7868d8bfc876bfeca19 SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 2c8e9caf2231ca7d61e71936305389774859aca9b5c86c63489c9a62a81f4736f99477c3f0cbb41077bb7924fdd23e0f24b7bce858e42fb0f87e7c0ffc87afeb