Rebase to version 20.12.2

Resolves: RHEL-31265 RHEL-29878 RHEL-26528 RHEL-33014
This commit is contained in:
Jan Staněk 2024-04-16 15:37:01 +02:00
parent e7020a5929
commit 77f080bba3
No known key found for this signature in database
GPG Key ID: 2972F2037B243B6D
3 changed files with 26 additions and 18 deletions

3
.gitignore vendored
View File

@ -57,3 +57,6 @@
/wasi-sdk-wasi-sdk-16.tar.gz /wasi-sdk-wasi-sdk-16.tar.gz
/node-v20.11.1-stripped.tar.gz /node-v20.11.1-stripped.tar.gz
/undici-5.28.3.tar.gz /undici-5.28.3.tar.gz
/node-v20.12.2-stripped.tar.gz
/icu4c-74_2-src.tgz
/undici-5.28.4.tar.gz

View File

@ -44,8 +44,8 @@
# than a Fedora release lifecycle. # than a Fedora release lifecycle.
%global nodejs_epoch 1 %global nodejs_epoch 1
%global nodejs_major 20 %global nodejs_major 20
%global nodejs_minor 11 %global nodejs_minor 12
%global nodejs_patch 1 %global nodejs_patch 2
%global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
%global nodejs_soversion 115 %global nodejs_soversion 115
@ -69,16 +69,16 @@
# c-ares - from deps/cares/include/ares_version.h # c-ares - from deps/cares/include/ares_version.h
# https://github.com/nodejs/node/pull/9332 # https://github.com/nodejs/node/pull/9332
%global c_ares_version 1.20.1 %global c_ares_version 1.27.0
# llhttp - from deps/llhttp/include/llhttp.h # llhttp - from deps/llhttp/include/llhttp.h
%global llhttp_version 8.1.1 %global llhttp_version 8.1.2
# libuv - from deps/uv/include/uv/version.h # libuv - from deps/uv/include/uv/version.h
%global libuv_version 1.46.0 %global libuv_version 1.46.0
# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
%global nghttp2_version 1.58.0 %global nghttp2_version 1.60.0
# nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h # nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
%global nghttp3_version 0.7.0 %global nghttp3_version 0.7.0
@ -87,7 +87,7 @@
%global ngtcp2_version 0.8.1 %global ngtcp2_version 0.8.1
# ICU - from tools/icu/current_ver.dep # ICU - from tools/icu/current_ver.dep
%global icu_major 73 %global icu_major 74
%global icu_minor 2 %global icu_minor 2
%global icu_version %{icu_major}.%{icu_minor} %global icu_version %{icu_major}.%{icu_minor}
@ -106,10 +106,10 @@
%endif %endif
# simduft from deps/simdutf/simdutf.h # simduft from deps/simdutf/simdutf.h
%global simduft_version 4.0.4 %global simduft_version 4.0.8
# ada from deps/ada/ada.h # ada from deps/ada/ada.h
%global ada_version 2.7.4 %global ada_version 2.7.6
# OpenSSL minimum version # OpenSSL minimum version
%global openssl_minimum 1:1.1.1 %global openssl_minimum 1:1.1.1
@ -122,7 +122,7 @@
# npm - from deps/npm/package.json # npm - from deps/npm/package.json
%global npm_epoch 1 %global npm_epoch 1
%global npm_version 10.2.4 %global npm_version 10.5.0
# In order to avoid needing to keep incrementing the release version for the # In order to avoid needing to keep incrementing the release version for the
# main package forever, we will just construct one for npm that is guaranteed # main package forever, we will just construct one for npm that is guaranteed
@ -132,10 +132,10 @@
# Node.js 16.9.1 and later comes with an experimental package management tool # Node.js 16.9.1 and later comes with an experimental package management tool
# corepack - from deps/corepack/package.json # corepack - from deps/corepack/package.json
%global corepack_version 0.23.0 %global corepack_version 0.25.2
# uvwasi - from deps/uvwasi/include/uvwasi.h # uvwasi - from deps/uvwasi/include/uvwasi.h
%global uvwasi_version 0.0.19 %global uvwasi_version 0.0.20
# histogram_c - from deps/histogram/include/hdr/hdr_histogram_version.h # histogram_c - from deps/histogram/include/hdr/hdr_histogram_version.h
%global histogram_version 0.11.8 %global histogram_version 0.11.8
@ -182,8 +182,8 @@ Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-
# Version: jq '.version' deps/undici/src/package.json # Version: jq '.version' deps/undici/src/package.json
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.28.3.tar.gz # Original: https://github.com/nodejs/undici/archive/refs/tags/v5.28.3.tar.gz
# Adjustments: rm -f undici-5.28.3/lib/llhttp/llhttp*.wasm* # Adjustments: rm -f undici-5.28.4/lib/llhttp/llhttp*.wasm*
Source111: undici-5.28.3.tar.gz Source111: undici-5.28.4.tar.gz
# The WASM blob was made using wasi-sdk v16; compiler libraries are linked in. # The WASM blob was made using wasi-sdk v16; compiler libraries are linked in.
# Version source: deps/undici/src/lib/llhttp/wasm_build_env.txt # Version source: deps/undici/src/lib/llhttp/wasm_build_env.txt
# Also check (undici tarball): lib/llhttp/wasm_build_env.txt # Also check (undici tarball): lib/llhttp/wasm_build_env.txt
@ -485,7 +485,7 @@ popd # deps
%install %install
rm -rf %{buildroot} rm -rf %{buildroot}
./tools/install.py install %{buildroot} %{_prefix} ./tools/install.py install --dest-dir=%{buildroot} --prefix=%{_prefix}
# Set the binary permissions properly # Set the binary permissions properly
chmod 0755 %{buildroot}/%{_bindir}/node chmod 0755 %{buildroot}/%{_bindir}/node
@ -722,6 +722,11 @@ end
%changelog %changelog
* Tue Apr 16 2024 Jan Staněk <jstanek@redhat.com> - 1:20.12.2-1
- Rebase to version 20.12.0
Addresses CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 (node)
Addresses CVE-2024-25629 (c-ares)
* Wed Feb 21 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:20.11.1-1 * Wed Feb 21 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:20.11.1-1
- Rebase to version 20.11.1 - Rebase to version 20.11.1
- Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high) - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high)

View File

@ -1,6 +1,6 @@
SHA512 (node-v20.11.1-stripped.tar.gz) = 6c1566d894c559043df690cd945518ed62f3d7a075bd5e319e40f5632a3fa1d1ebe55a3c47970678fa0164f9f7a5afa50b47174d6d4b8db59e467b617332f243 SHA512 (node-v20.12.2-stripped.tar.gz) = bff24d8b3e6443aaab139cbea51978b2bcaf763aa31b304456f471187d1ef5eced8fe68737ee075ea802f1ff2a5b686d38e42fb5c5824b24b9f472337589e8a5
SHA512 (icu4c-73_2-src.tgz) = 76dd782db6205833f289d7eb68b60860dddfa3f614f0ba03fe7ec13117077f82109f0dc1becabcdf4c8a9c628b94478ab0a46134bdb06f4302be55f74027ce62 SHA512 (icu4c-74_2-src.tgz) = e6c7876c0f3d756f3a6969cad9a8909e535eeaac352f3a721338b9cbd56864bf7414469d29ec843462997815d2ca9d0dab06d38c37cdd4d8feb28ad04d8781b0
SHA512 (undici-5.28.3.tar.gz) = 1626128b41411447f519a605c3570c875a4c26b493cc3175b04ec54836450d23635813c93758b229f971a4b26096c0d497e13c91da4a40134536fece964ebb0b SHA512 (undici-5.28.4.tar.gz) = a0ebe329141f82c6d1073f089b0fef436abbd0cea5323e24e288aabcb165ac98fc21b8da472d8b52f5c38b47451392072c80d1a1dbfa073612842408934cf966
SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 96bbd11da026f13cbfdf5e524dd94c16fd2b7ae13790de3eae5cd55e91e08d09cdf38f00797b99ab8e742aeb86418ce42808aba19224bde7875402cf8c14d110 SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 0437378a087a43044b64e6b2e66426e429d87ed3f24a225d20ddc8fedda25917ba7db04a9d41207c59d20f0e6764837dad09393e5b8f92e361941a60ac5edd80
SHA512 (wasi-sdk-wasi-sdk-11.tar.gz) = cb37f357b09431a3efad26141d83dce63232a35b536d9a7bd341d4d9627a0a3d4bd4d57504b6e3dab421942d2c168a96da2a6be889aab3f9a2852fc5a3200d3c SHA512 (wasi-sdk-wasi-sdk-11.tar.gz) = cb37f357b09431a3efad26141d83dce63232a35b536d9a7bd341d4d9627a0a3d4bd4d57504b6e3dab421942d2c168a96da2a6be889aab3f9a2852fc5a3200d3c
SHA512 (wasi-sdk-wasi-sdk-16.tar.gz) = 501467cb04ee85ab2ccc3d8ab1beb5dd8957ca71cc51c86fd357991ddccb1a8c2656e24b947ea3a5acfaafd8c762f5ba20458c22b58a5a5c85ef8ecb7a76db65 SHA512 (wasi-sdk-wasi-sdk-16.tar.gz) = 501467cb04ee85ab2ccc3d8ab1beb5dd8957ca71cc51c86fd357991ddccb1a8c2656e24b947ea3a5acfaafd8c762f5ba20458c22b58a5a5c85ef8ecb7a76db65