import UBI nodejs-18.14.2-3.module+el8.8.0+19021+4b8b11cc

2023-07-12 15:14:00 +00:00 · 2023-07-12 15:14:00 +00:00 · c3a7adcfdb
commit c3a7adcfdb
parent 9a796f7b07
3 changed files with 16787 additions and 9 deletions
--- a/SOURCES/0001-Disable-running-gyp-on-shared-deps.patch
+++ b/SOURCES/0001-Disable-running-gyp-on-shared-deps.patch
@ -1,5 +1,16 @@
 From 030bbedf7d79025848122081e13fe94b0324ad88 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Tue, 30 May 2023 13:12:35 +0200
 Subject: [PATCH] Disable running gyp on shared deps
 Signed-off-by: rpm-build <rpm-build>
 ---
 Makefile |  2 +-
 node.gyp | 17 -----------------
 2 files changed, 1 insertion(+), 18 deletions(-)
 diff --git a/Makefile b/Makefile
-index 9401346623..c9d3da24c5 100644
+index 9401346..c9d3da2 100644
 --- a/Makefile
 +++ b/Makefile
@@ -169,7 +169,7 @@ with-code-cache test-code-cache:
@ -12,7 +23,7 @@ index 9401346623..c9d3da24c5 100644
 	tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \
 	tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
 diff --git a/node.gyp b/node.gyp
-index cec24aed03..13af00f40d 100644
+index cec24ae..13af00f 100644
 --- a/node.gyp
 +++ b/node.gyp
@@ -429,23 +429,6 @@
@ -39,3 +50,6 @@ index cec24aed03..13af00f40d 100644
          }],
       ],
     }, # node_core_target_name
 -- 
 2.40.1
--- a/SOURCES/0002-deps-update-c-ares-to-1.19.1.patch
+++ b/SOURCES/0002-deps-update-c-ares-to-1.19.1.patch
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 2
+%global baserelease 3
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
@ -66,10 +66,7 @@
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_major 1
+%global c_ares_version 1.19.1
 %global c_ares_minor 18
 %global c_ares_patch 1
 %global c_ares_version %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch}
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_major 6
@ -212,6 +209,7 @@ Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-
 # Disable running gyp on bundled deps we don't use
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
 Patch2: 0002-deps-update-c-ares-to-1.19.1.patch
 BuildRequires: make
 BuildRequires: python3-devel
@ -731,13 +729,18 @@ end
 %changelog
 * Tue May 30 2023 Jan Staněk <jstanek@redhat.com> - 1:18.14.2-3
 - Update bundled c-ares to 1.19.1
  Resolves: CVE-2022-4904
  Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
 * Tue Mar 21 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.14.2-2
 - Provide simduft
 * Tue Mar 21 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.14.2-1
 - Rebase to 18.14.2
- Resolves: #2178087
+- Resolves: #2178086
- Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807
+- Resolves: CVE-2022-25881, CVE-2023-23936, CVE-2023-24807
 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920
 * Fri Nov 18 2022 Jan Staněk <jstanek@redhat.com> - 1:18.12.1-2