From 66c4fc39c42316cfa6d5811162f595c630f7d363 Mon Sep 17 00:00:00 2001 From: Lukas Javorsky Date: Tue, 5 Mar 2024 11:14:55 +0000 Subject: [PATCH] Rebase to version 20.11.1 Resolves: RHEL-25867 RHEL-26537 RHEL-26535 RHEL-25933 RHEL-26533 RHEL-26539 RHEL-25923 --- .gitignore | 2 ++ nodejs.spec | 13 +++++++++---- sources | 4 ++-- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index f88aacb..5a48e99 100644 --- a/.gitignore +++ b/.gitignore @@ -55,3 +55,5 @@ /node-v20.11.0-stripped.tar.gz /undici-5.27.2.tar.gz /wasi-sdk-wasi-sdk-16.tar.gz +/node-v20.11.1-stripped.tar.gz +/undici-5.28.3.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 476e33a..0f0c634 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -45,7 +45,7 @@ %global nodejs_epoch 1 %global nodejs_major 20 %global nodejs_minor 11 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h %global nodejs_soversion 115 @@ -181,9 +181,9 @@ Source101: cjs-module-lexer-1.2.2.tar.gz Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz # Version: jq '.version' deps/undici/src/package.json -# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.27.2.tar.gz -# Adjustments: rm -f undici-5.27.2/lib/llhttp/llhttp*.wasm* -Source111: undici-5.27.2.tar.gz +# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.28.3.tar.gz +# Adjustments: rm -f undici-5.28.3/lib/llhttp/llhttp*.wasm* +Source111: undici-5.28.3.tar.gz # The WASM blob was made using wasi-sdk v16; compiler libraries are linked in. # Version source: deps/undici/src/lib/llhttp/wasm_build_env.txt # Also check (undici tarball): lib/llhttp/wasm_build_env.txt @@ -722,6 +722,11 @@ end %changelog +* Wed Feb 21 2024 Lukas Javorsky - 1:20.11.1-1 +- Rebase to version 20.11.1 +- Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high) +- Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 (medium) + * Fri Jan 19 2024 Lukas Javorsky - 1:20.11.0-1 - Rebase to version 20.11.0 - Resolves: RHEL-21434 diff --git a/sources b/sources index ba49c21..5864adb 100644 --- a/sources +++ b/sources @@ -1,6 +1,6 @@ -SHA512 (node-v20.11.0-stripped.tar.gz) = 4052a2625e085d850f5d196af2fcc5a64ec39ad9921b21753a17f4d918d7dafa83bb385d873aa7dab386934fd352f687f452be23712de5ce71d4966fded50d36 +SHA512 (node-v20.11.1-stripped.tar.gz) = 6c1566d894c559043df690cd945518ed62f3d7a075bd5e319e40f5632a3fa1d1ebe55a3c47970678fa0164f9f7a5afa50b47174d6d4b8db59e467b617332f243 SHA512 (icu4c-73_2-src.tgz) = 76dd782db6205833f289d7eb68b60860dddfa3f614f0ba03fe7ec13117077f82109f0dc1becabcdf4c8a9c628b94478ab0a46134bdb06f4302be55f74027ce62 -SHA512 (undici-5.27.2.tar.gz) = 31c53a2df8a0aea14c1671eae598e330b5e5575584a8d742e39dd6b3bd8d4d5bee300a422ea54331ee3aee2d89f2a6204a41a245ba55a07baeb96eb0ba2ec5ff +SHA512 (undici-5.28.3.tar.gz) = 1626128b41411447f519a605c3570c875a4c26b493cc3175b04ec54836450d23635813c93758b229f971a4b26096c0d497e13c91da4a40134536fece964ebb0b SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 96bbd11da026f13cbfdf5e524dd94c16fd2b7ae13790de3eae5cd55e91e08d09cdf38f00797b99ab8e742aeb86418ce42808aba19224bde7875402cf8c14d110 SHA512 (wasi-sdk-wasi-sdk-11.tar.gz) = cb37f357b09431a3efad26141d83dce63232a35b536d9a7bd341d4d9627a0a3d4bd4d57504b6e3dab421942d2c168a96da2a6be889aab3f9a2852fc5a3200d3c SHA512 (wasi-sdk-wasi-sdk-16.tar.gz) = 501467cb04ee85ab2ccc3d8ab1beb5dd8957ca71cc51c86fd357991ddccb1a8c2656e24b947ea3a5acfaafd8c762f5ba20458c22b58a5a5c85ef8ecb7a76db65