import UBI nodejs-16.20.2-3.el9_2
This commit is contained in:
parent
14b6857dff
commit
f04cc83330
@ -1,4 +1,4 @@
|
|||||||
From 8a45f34d9d74d59879973210cf06f4383b9832b8 Mon Sep 17 00:00:00 2001
|
From 39f761838b5fc10af995642bd44e6bb4c79085f1 Mon Sep 17 00:00:00 2001
|
||||||
From: rpm-build <rpm-build>
|
From: rpm-build <rpm-build>
|
||||||
Date: Tue, 30 May 2023 13:12:35 +0200
|
Date: Tue, 30 May 2023 13:12:35 +0200
|
||||||
Subject: [PATCH] Disable running gyp on shared deps
|
Subject: [PATCH] Disable running gyp on shared deps
|
||||||
@ -9,7 +9,7 @@ Signed-off-by: rpm-build <rpm-build>
|
|||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/Makefile b/Makefile
|
diff --git a/Makefile b/Makefile
|
||||||
index 6d6f2e4..88e1a11 100644
|
index ef3eda2..8b52a4f 100644
|
||||||
--- a/Makefile
|
--- a/Makefile
|
||||||
+++ b/Makefile
|
+++ b/Makefile
|
||||||
@@ -148,7 +148,7 @@ with-code-cache test-code-cache:
|
@@ -148,7 +148,7 @@ with-code-cache test-code-cache:
|
||||||
@ -22,5 +22,5 @@ index 6d6f2e4..88e1a11 100644
|
|||||||
tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
|
tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
|
||||||
$(PYTHON) tools/gyp_node.py -f make
|
$(PYTHON) tools/gyp_node.py -f make
|
||||||
--
|
--
|
||||||
2.40.1
|
2.41.0
|
||||||
|
|
||||||
|
@ -1,14 +1,17 @@
|
|||||||
FIPS related options cause a segfault, let's end sooner
|
From b9370dcfba759c63e894f12abcf49699f1e8f0dc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Honza Horak <hhorak@redhat.com>
|
||||||
|
Date: Thu, 12 Oct 2023 13:52:59 +0200
|
||||||
|
Subject: [PATCH] disable fips options
|
||||||
|
|
||||||
Upstream report: https://github.com/nodejs/node/pull/48950
|
Signed-off-by: rpm-build <rpm-build>
|
||||||
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2227796
|
---
|
||||||
|
src/crypto/crypto_util.cc | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
This patch makes the part of the code that processes cmd-line options for
|
diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
|
||||||
FIPS to end sooner before the code gets to the problematic part of the code.
|
index 59ae7f8..7343396 100644
|
||||||
|
--- a/src/crypto/crypto_util.cc
|
||||||
diff -up node-v18.16.1/src/crypto/crypto_util.cc.origfips node-v18.16.1/src/crypto/crypto_util.cc
|
+++ b/src/crypto/crypto_util.cc
|
||||||
--- node-v18.16.1/src/crypto/crypto_util.cc.origfips 2023-07-31 12:09:46.603683081 +0200
|
|
||||||
+++ node-v18.16.1/src/crypto/crypto_util.cc 2023-07-31 12:16:16.906617914 +0200
|
|
||||||
@@ -111,6 +111,8 @@ bool ProcessFipsOptions() {
|
@@ -111,6 +111,8 @@ bool ProcessFipsOptions() {
|
||||||
/* Override FIPS settings in configuration file, if needed. */
|
/* Override FIPS settings in configuration file, if needed. */
|
||||||
if (per_process::cli_options->enable_fips_crypto ||
|
if (per_process::cli_options->enable_fips_crypto ||
|
||||||
@ -18,3 +21,6 @@ diff -up node-v18.16.1/src/crypto/crypto_util.cc.origfips node-v18.16.1/src/cryp
|
|||||||
#if OPENSSL_VERSION_MAJOR >= 3
|
#if OPENSSL_VERSION_MAJOR >= 3
|
||||||
OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
|
OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
|
||||||
if (fips_provider == nullptr)
|
if (fips_provider == nullptr)
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
5802
SOURCES/0003-deps-nghttp2-update-to-1.57.0.patch
Normal file
5802
SOURCES/0003-deps-nghttp2-update-to-1.57.0.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -30,7 +30,7 @@
|
|||||||
# This is used by both the nodejs package and the npm subpackage that
|
# This is used by both the nodejs package and the npm subpackage that
|
||||||
# has a separate version - the name is special so that rpmdev-bumpspec
|
# has a separate version - the name is special so that rpmdev-bumpspec
|
||||||
# will bump this rather than adding .1 to the end.
|
# will bump this rather than adding .1 to the end.
|
||||||
%global baserelease 1
|
%global baserelease 3
|
||||||
|
|
||||||
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
||||||
|
|
||||||
@ -75,7 +75,7 @@
|
|||||||
%global libuv_version 1.43.0
|
%global libuv_version 1.43.0
|
||||||
|
|
||||||
# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||||
%global nghttp2_version 1.47.0
|
%global nghttp2_version 1.57.0
|
||||||
|
|
||||||
# nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
|
# nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
|
||||||
%global nghttp3_major 0
|
%global nghttp3_major 0
|
||||||
@ -182,7 +182,8 @@ Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-
|
|||||||
|
|
||||||
# Disable running gyp on bundled deps we don't use
|
# Disable running gyp on bundled deps we don't use
|
||||||
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
||||||
Patch3: nodejs-fips-disable-options.patch
|
Patch2: 0002-disable-fips-options.patch
|
||||||
|
Patch3: 0003-deps-nghttp2-update-to-1.57.0.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: python3-devel
|
BuildRequires: python3-devel
|
||||||
@ -722,6 +723,12 @@ end
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Oct 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.2-3
|
||||||
|
- Update version of bundled nghttp2 in spec file
|
||||||
|
|
||||||
|
* Thu Oct 12 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.2-2
|
||||||
|
- Update bundled nghttp2 to 1.57.0 (CVE-2023-44487)
|
||||||
|
|
||||||
* Wed Aug 30 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.20.2-1
|
* Wed Aug 30 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.20.2-1
|
||||||
- Rebase to 16.20.2
|
- Rebase to 16.20.2
|
||||||
Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
|
Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
|
||||||
|
Loading…
Reference in New Issue
Block a user