diff --git a/.gitignore b/.gitignore
index 697c856..f0413d2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,3 +36,5 @@
 /wasi-sdk-11.tar.gz
 /wasi-sdk-14.tar.gz
 /undici-5.10.0.tar.gz
+/node-v18.12.1-stripped.tar.gz
+/undici-5.11.0.tar.gz
diff --git a/nodejs.spec b/nodejs.spec
index d112496..5d8f9c2 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -29,7 +29,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 3
+%global baserelease 1
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -40,8 +40,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 18
-%global nodejs_minor 10
-%global nodejs_patch 0
+%global nodejs_minor 12
+%global nodejs_patch 1
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 108
@@ -129,7 +129,7 @@
 %global uvwasi_version 0.0.13
 
 # histogram_c - assumed from timestamps
-%global histogram_version 0.9.7
+%global histogram_version 0.11.2
 
 Name: nodejs
 Epoch: %{nodejs_epoch}
@@ -156,23 +156,24 @@ Source100: %{name}-tarball.sh
 # nodejs-packaging SRPM.
 Source7: nodejs_native.attr
 
-# These are full sources for dependencies included as WASM blobs int he source of Node itself.
+# These are full sources for dependencies included as WASM blobs in the source of Node itself.
+# Note: These sources would also include pre-compiled WASM blobs… so they are adjusted not to.
 # Recipes for creating these blobs are included in the sources.
 
 # Version: jq '.version' deps/cjs-module-lexer/package.json
 # Original: https://github.com/nodejs/cjs-module-lexer/archive/refs/tags/1.2.2.tar.gz
 # Adjustments: rm -f cjs-module-lexer-1.2.2/lib/lexer.wasm
 # wasi-sdk version can be found in Makefile
-# https://github.com/nodejs/undici/blob/v5.8.2/build/Dockerfile
+# https://github.com/nodejs/cjs-module-lexer/blob/1.2.2/Makefile
 Source101: cjs-module-lexer-1.2.2.tar.gz
 Source111: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-11.0-linux.tar.gz
 
 # Version: jq '.version' deps/undici/src/package.json
-# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.7.0.tar.gz
-# Adjustments: rm -f undici-5.7.0/lib/llhttp/llhttp*.wasm
+# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.11.0.tar.gz
+# Adjustments: rm -f undici-5.11.0/lib/llhttp/llhttp*.wasm
 # wasi-sdk version can be found in Dockerfile
-# https://github.com/nodejs/cjs-module-lexer/blob/1.2.2/Makefile
-Source102: undici-5.10.0.tar.gz
+# https://github.com/nodejs/undici/blob/v5.8.2/build/Dockerfile
+Source102: undici-5.11.0.tar.gz
 Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-14.0-linux.tar.gz
 
 # Disable running gyp on bundled deps we don't use
@@ -598,6 +599,11 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
 
 
 %changelog
+* Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.12.1-1
+- Rebase + CVEs
+- Resolves: #2142809
+- Resolves: #2142830, #2142856
+
 * Sun Oct 09 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.10.0-3
 - Resolves: #2111861
 - Add proper sources for undici
diff --git a/sources b/sources
index e41ac92..27de253 100644
--- a/sources
+++ b/sources
@@ -1,6 +1,6 @@
-SHA512 (node-v18.10.0-stripped.tar.gz) = b0514f61ab38e48f2ebd2dc0e909f764005628dfe7ba872c3f5f3b0d70f65e11057be21fd2ced2be6b85786360522d63908a7606e4949189e16a7c778f35c899
+SHA512 (node-v18.12.1-stripped.tar.gz) = 83077146308a9f69ae6518309b9bafc4a1b29cd3cb9cd202f034ee764c40283cac9a8f0cf99cb20f265388461b3d5920d0f099b0f506f44b982a7a190bb31d97
 SHA512 (icu4c-71_1-src.tgz) = 1fd2a20aef48369d1f06e2bb74584877b8ad0eb529320b976264ec2db87420bae242715795f372dbc513ea80047bc49077a064e78205cd5e8b33d746fd2a2912
-SHA512 (undici-5.10.0.tar.gz) = 5d215705626025605e288730849c9787000d5ab60a14aff69d5aecb5a97d0d0c12af679868db32685bc7cf3284ef1c3e4cb16aa3baedd59a4dcc3afeab6853ef
+SHA512 (undici-5.11.0.tar.gz) = 28d13caae0d6fe31136e8ae74e8feb82aadeada01603b1c99d39d97183d5ed2d4594b985150d8e986259081d3dd2a467e47a6d2eb0da185df93376fee114e26a
 SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 2c8e9caf2231ca7d61e71936305389774859aca9b5c86c63489c9a62a81f4736f99477c3f0cbb41077bb7924fdd23e0f24b7bce858e42fb0f87e7c0ffc87afeb
 SHA512 (wasi-sdk-11.0-linux.tar.gz) = e3ed4597f7f2290967eef6238e9046f60abbcb8633a4a2a51525d00e7393df8df637a98a5b668217d332dd44fcbf2442ec7efd5e65724e888d90611164451e20
 SHA512 (wasi-sdk-14.0-linux.tar.gz) = 288a367e051f5b3f5853de97fabaedd3acf2255819d50c24f48f573897518500ea808342fd9aea832b2a5717089807bf1cbcf6d46b156b4eb60cc6b3c02ee997