rpms/nodejs20
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)

Browse Source 
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This commit is contained in:
Stephen Gallagher 2022-01-11 14:24:23 -05:00
parent 87f93eb0ac
commit 97203e0629
No known key found for this signature in database
GPG Key ID: 45DB85A568286D11
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nodejs.spec
View File

@ -14,7 +14,7 @@
# This is used by both the nodejs package and the npm subpackage that
# has a separate version - the name is special so that rpmdev-bumpspec
# will bump this rather than adding .1 to the end.
%global baserelease 2
%global baserelease 1
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
@ -26,7 +26,7 @@
%global nodejs_epoch 1
%global nodejs_major 16
%global nodejs_minor 13
%global nodejs_patch 1
%global nodejs_patch 2
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
%global nodejs_soversion 93
@ -701,6 +701,12 @@ end
%changelog
* Tue Jan 11 2022 Stephen Gallagher <sgallagh@redhat.com> - 1:16.13.2-1
- Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
* Thu Dec 02 2021 Stephen Gallagher <sgallagh@redhat.com> - 1:16.13.1-2
- Enable building for EPEL 8 modules

2
sources
View File

@ -1,2 +1,2 @@
SHA512 (node-v16.13.1-stripped.tar.gz) = 0cfc02dbc6f574dd56df096b6a5b08e32629af93eef3e9e99828b6813b1b49dba283a113542c4d1c7541955a95f1c57f8f642f3d7b722b00708b2853c1461fa0
SHA512 (node-v16.13.2-stripped.tar.gz) = 0f09ce68779448b60fe84df5ace3bc482c1059e0ca9c9e55cfc51e5ad7e94f7f70c3c561b351674f734dbd4c08944a4f5f82d023a61f292bd6eaad8ab6e2d7c5
SHA512 (icu4c-69_1-src.tgz) = d4aeb781715144ea6e3c6b98df5bbe0490bfa3175221a1d667f3e6851b7bd4a638fa4a37d4a921ccb31f02b5d15a6dded9464d98051964a86f7b1cde0ff0aab7