From 5309b84257af14ce0b409e12a3c2165e7ad4d8b0 Mon Sep 17 00:00:00 2001
From: Zuzana Svetlikova <zsvetlik@redhat.com>
Date: Fri, 9 Jul 2021 14:39:23 +0200
Subject: [PATCH] Resolves: RHBZ#1979847 Resolves CVE-2021-22918(libuv) Use
 system cipher list(1842826, 1952915)

---
 .gitignore  |  1 +
 nodejs.spec | 31 +++++++++++++++++++------------
 sources     |  2 +-
 3 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/.gitignore b/.gitignore
index 6f44884..a8a5228 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,3 +16,4 @@
 /node-v14.16.0-stripped.tar.gz
 /node-v16.1.0-stripped.tar.gz
 /icu4c-69_1-src.tgz
+/node-v16.4.2-stripped.tar.gz
diff --git a/nodejs.spec b/nodejs.spec
index df9bdbc..0fb3c2c 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -25,8 +25,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 16
-%global nodejs_minor 1
-%global nodejs_patch 0
+%global nodejs_minor 4
+%global nodejs_patch 2
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 93
@@ -40,9 +40,9 @@
 # Epoch is set to ensure clean upgrades from the old v8 package
 %global v8_epoch 2
 %global v8_major 9
-%global v8_minor 0
-%global v8_build 257
-%global v8_patch 24
+%global v8_minor 1
+%global v8_build 269
+%global v8_patch 36
 # V8 presently breaks ABI at least every x.y release while never bumping SONAME
 %global v8_abi %{v8_major}.%{v8_minor}
 %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch}
@@ -58,18 +58,18 @@
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_major 6
 %global llhttp_minor 0
-%global llhttp_patch 1
+%global llhttp_patch 2
 %global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
 
 # libuv - from deps/uv/include/uv/version.h
 %global libuv_major 1
-%global libuv_minor 40
+%global libuv_minor 41
 %global libuv_patch 0
 %global libuv_version %{libuv_major}.%{libuv_minor}.%{libuv_patch}
 
 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
 %global nghttp2_major 1
-%global nghttp2_minor 41
+%global nghttp2_minor 42
 %global nghttp2_patch 0
 %global nghttp2_version %{nghttp2_major}.%{nghttp2_minor}.%{nghttp2_patch}
 
@@ -118,8 +118,8 @@
 # npm - from deps/npm/package.json
 %global npm_epoch 1
 %global npm_major 7
-%global npm_minor 11
-%global npm_patch 2
+%global npm_minor 18
+%global npm_patch 1
 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
 
 # uvwasi - from deps/uvwasi/include/uvwasi.h
@@ -400,7 +400,8 @@ export LDFLAGS="%{build_ldflags}"
            --shared-brotli \
            --with-dtrace \
            --with-intl=small-icu \
-           --openssl-use-def-ca-store
+           --openssl-use-def-ca-store \
+           --openssl-default-cipher-list=PROFILE=SYSTEM
 %else
 %{__python3} configure.py --prefix=%{_prefix} \
            --shared-openssl \
@@ -411,7 +412,8 @@ export LDFLAGS="%{build_ldflags}"
            --with-dtrace \
            --with-intl=small-icu \
            --with-icu-default-data-dir=%{icudatadir} \
-           --openssl-use-def-ca-store
+           --openssl-use-def-ca-store \
+           --openssl-default-cipher-list=PROFILE=SYSTEM
 %endif
 
 %if %{?with_debug} == 1
@@ -680,6 +682,11 @@ end
 
 
 %changelog
+* Fri Jul 09 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.4.2-1
+- Resolves: RHBZ#1979847
+- Resolves CVE-2021-22918(libuv)
+- Use system cipher list(1842826, 1952915)
+
 * Tue May 11 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.1.0-1
 - Resolves: RHBZ#1953991
 - Rebase to v16.x
diff --git a/sources b/sources
index bdf70ad..dc01788 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (node-v16.1.0-stripped.tar.gz) = ab080a098b7c24866a9f7e39b026672d517efad5e8c17b44349c0e343a4121ca305bb470d89e28352e64a81ae88aa94de265c8c40c26db260c5053470ef6f610
+SHA512 (node-v16.4.2-stripped.tar.gz) = 6625bdecdf8b3f268d4cb941fec5861bf8c4068589abce28d5cb9df2007fb2355fb090c814e77b5451d1ebab4a43acd07461bfd1d8b85f82af45e0cb11a4a6ab
 SHA512 (icu4c-69_1-src.tgz) = d4aeb781715144ea6e3c6b98df5bbe0490bfa3175221a1d667f3e6851b7bd4a638fa4a37d4a921ccb31f02b5d15a6dded9464d98051964a86f7b1cde0ff0aab7