From 4d5c05f4a0e1b87f81f8b48e08aea20b436c7efa Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Mon, 17 Feb 2025 20:29:13 +0000
Subject: [PATCH] import UBI nodejs-22.13.1-1.module+el9.5.0+22763+17233acb

---
 .gitignore                                    |  6 ++--
 .nodejs.metadata                              |  6 ++--
 ...-deps-ncrypto-include-openssl-rand.h.patch | 25 -----------------
 SPECS/nodejs.spec                             | 28 +++++++++++--------
 4 files changed, 22 insertions(+), 43 deletions(-)
 delete mode 100644 SOURCES/0002-deps-ncrypto-include-openssl-rand.h.patch

diff --git a/.gitignore b/.gitignore
index 3c0bc00..30581c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
-SOURCES/icu4c-75_1-data-bin-b.zip
-SOURCES/icu4c-75_1-data-bin-l.zip
-SOURCES/node-v22.11.0-stripped.tar.gz
+SOURCES/icu4c-76_1-data-bin-b.zip
+SOURCES/icu4c-76_1-data-bin-l.zip
+SOURCES/node-v22.13.1-stripped.tar.gz
diff --git a/.nodejs.metadata b/.nodejs.metadata
index 9d330f2..b69b208 100644
--- a/.nodejs.metadata
+++ b/.nodejs.metadata
@@ -1,3 +1,3 @@
-6c7291d88272d84fdadf1395166acd40dd12f623 SOURCES/icu4c-75_1-data-bin-b.zip
-ef164aa671780d004e304b4c789b05450e912304 SOURCES/icu4c-75_1-data-bin-l.zip
-17c2b64411adb2127c23324dfceaf52c076e1ab8 SOURCES/node-v22.11.0-stripped.tar.gz
+d1c5586e6733b5c4790d05a76d47ad159ff31e9b SOURCES/icu4c-76_1-data-bin-b.zip
+547c6ffcb7833b1a14abd6114e0a1722144d410a SOURCES/icu4c-76_1-data-bin-l.zip
+20a992fe68e168bd5600ccc2bfe4e315b6db6e4b SOURCES/node-v22.13.1-stripped.tar.gz
diff --git a/SOURCES/0002-deps-ncrypto-include-openssl-rand.h.patch b/SOURCES/0002-deps-ncrypto-include-openssl-rand.h.patch
deleted file mode 100644
index c6667fb..0000000
--- a/SOURCES/0002-deps-ncrypto-include-openssl-rand.h.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From e79552fdbebb411b8a6f7bc323525f463c1ee7ad Mon Sep 17 00:00:00 2001
-From: rpm-build <rpm-build>
-Date: Wed, 30 Oct 2024 15:48:59 +0100
-Subject: [PATCH] deps(ncrypto): include <openssl/rand.h>
-
-Signed-off-by: rpm-build <rpm-build>
----
- deps/ncrypto/ncrypto.cc | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/deps/ncrypto/ncrypto.cc b/deps/ncrypto/ncrypto.cc
-index 457bd2f..a38b4a2 100644
---- a/deps/ncrypto/ncrypto.cc
-+++ b/deps/ncrypto/ncrypto.cc
-@@ -5,6 +5,7 @@
- #include <openssl/bn.h>
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/rand.h>
- #include <openssl/pkcs12.h>
- #include <openssl/x509v3.h>
- #if OPENSSL_VERSION_MAJOR >= 3
--- 
-2.47.0
-
diff --git a/SPECS/nodejs.spec b/SPECS/nodejs.spec
index 2efa723..afeb4f3 100644
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@@ -57,8 +57,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 22
-%global nodejs_minor 11
-%global nodejs_patch 0
+%global nodejs_minor 13
+%global nodejs_patch 1
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 127
 %global nodejs_abi %{nodejs_soversion}
@@ -85,25 +85,25 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.33.1
+%global c_ares_version 1.34.4
 
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_version 9.2.1
 
 # libuv - from deps/uv/include/uv/version.h
-%global libuv_version 1.48.0
+%global libuv_version 1.49.2
 
 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
-%global nghttp2_version 1.63.0
+%global nghttp2_version 1.64.0
 
 # nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
-%global nghttp3_version 0.7.0
+%global nghttp3_version 1.6.0
 
 # ngtcp2 from deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
-%global ngtcp2_version 1.3.0
+%global ngtcp2_version 1.9.1
 
 # ICU - from tools/icu/current_ver.dep
-%global icu_major 75
+%global icu_major 76
 %global icu_minor 1
 %global icu_version %{icu_major}.%{icu_minor}
 
@@ -112,7 +112,7 @@
 # " this line just fixes syntax highlighting for vim that is confused by the above and continues literal
 
 # simdutf from deps/simdutf/simdutf.h
-%global simdutf_version 5.5.0
+%global simdutf_version 5.6.4
 
 # OpenSSL minimum version
 %global openssl11_minimum 1:1.1.1
@@ -125,7 +125,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.9.0
+%global npm_version 10.9.2
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -142,7 +142,7 @@
 %global histogram_version 0.11.8
 
 # sqlite - from deps/sqlite/sqlite3.h
-%global sqlite_version 3.46.1
+%global sqlite_version 3.47.2
 
 
 Name: nodejs
@@ -172,7 +172,6 @@ Source202: nodejs.pc.in
 Source203: v8.pc.in
 
 Patch: 0001-Remove-unused-OpenSSL-config.patch
-Patch: 0002-deps-ncrypto-include-openssl-rand.h.patch
 
 %global pkgname nodejs
 
@@ -895,6 +894,11 @@ end
 
 
 %changelog
+* Thu Jan 30 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-1
+- Update to version 22.13.1
+  Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150
+  Resolves: RHEL-76360
+
 * Mon Nov 04 2024 Jan Staněk <jstanek@redhat.com> - 1:22.11.0-1
 - Update to version 22.11.0