From f225ed2be1554ef308aaf94e810ea2ed34bfd72b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Stan=C4=9Bk?=
Date: Tue, 7 May 2024 10:55:38 +0200
Subject: [PATCH] Properly apply the patch for CVE-2024-27982

Resolves: RHEL-33015
---
 nodejs.spec | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/nodejs.spec b/nodejs.spec
index c59562f..e54797c 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 7
+%global baserelease 8
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
@@ -195,6 +195,8 @@ Patch7: 0007-Add-nghttp2_option_set_max_continuations.patch
 Patch8: 0008-zlib-pause-stream-if-outgoing-buffer-is-full.patch
 # CVE-2024-25629
 Patch9: 0009-Address-CVE-2024-25629.patch
+# CVE-2024-27982
+Patch10: 0010-http-do-not-allow-OBS-fold-in-headers-by-default.patch
 BuildRequires: make
 BuildRequires: python3-devel
@@ -735,6 +737,9 @@ end
 %changelog
+* Tue May 07 2024 Jan Staněk - 1:16.20.2-8
+- Actually apply the patch for CVE-2024-27982
+
 * Wed Apr 24 2024 Jan Staněk - 1:16.20.2-7
 - Backport patch for CVE-2024-27982
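Review bot: Nothing visible in the `Patch10` hunk (`@@ -195,6 +195,8 @@`) shows that the patch is actually applied, because the hunk only declares the source and `%prep` lies outside the diff. If `%prep` uses `%autosetup` or `%autopatch` the declaration is sufficient; if patches are applied one by one, a matching `%patch` line is still needed and should be confirmed. The 1:16.20.2-7 changelog entry already claims the CVE-2024-27982 backport, and the commit title suggests that build did not carry the fix, so the comment could say so, e.g. `# CVE-2024-27982 (declared and applied from release 8; -7 did not apply it)`. A `%check` step that exercises the patched behaviour would make a repeat of this fail the build instead of shipping silently.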