2
0
forked from pool/nodejs21
Commit Graph

11 Commits

Author SHA256 Message Date
df3c9dd6fb - Update to 21.7.2:
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session()
    leads to HTTP/2 server crash- (High) (bsc#1222244)
  * CVE-2024-27982 - HTTP Request Smuggling via Content Length
    Obfuscation- (Medium) (bsc#1222384)
  * updated dependencies:
    + llhttp version 9.2.1
    + undici version 6.11.1 (bsc#1222530, CVE-2024-30260)
- node-gyp-addon-gypi.patch: adapted for new unit test layouts

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=26
2024-04-09 14:39:25 +00:00
b2d354a373 - node-gyp-addon-gypi.patch: refreshed
OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=25
2024-04-09 12:50:48 +00:00
b1b1d9718b - Update to 21.7.1
* revert "test_runner: do not invoke after hook when test is empty"
  * lib: return directly if udp socket close before lookup
- Changes in 21.7.0
  * util.styleText(format, text): This function returns a
    formatted text considering the format passed.
  * support for multi-line values for .env file
  * sea: support embedding assets
  * vm: support using the default loader to handle dynamic import()
  * crypto: implement crypto.hash()
  * http2: add h2 compat support for appendHeader
- versioned.patch, nodejs-libpath.patch: refreshed
- c-ares-fixes.patch: upstreamed, removed

- Add libalternative config for corepack

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=21
2024-04-02 14:32:44 +00:00
3dd84fa6f5 - Update to 21.6.2: (security updates)
* (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High)
  * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
  * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High)
  * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High)
  * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
  * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
  * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
  * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
  * undici version 5.28.3 (CVE-2024-24758, bsc#1220017)
  * libuv version 1.48.0

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=19
2024-02-16 16:23:48 +00:00
e1d05d0d69 - Update to 21.6.1:
* Revert "stream: fix cloned webstreams not being unref'd"
- Changes in 21.6.0:
  * New connection attempt events
  * --allow-addons to enable addon usage when using the Permission Model.
  * Support configurable snapshot through --build-snapshot-config flag
- fix_ci_tests.patch: refreshed

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=16
2024-02-12 15:19:46 +00:00
1b9c34e5e2 - Update to 21.5.0:
* module: merge config with package_json_reader
  * src: move package resolver to c++
  * doc:
    + deprecate hash constructor
    + deprecate dirent.path
- linker_lto_jobs.patch: refreshed

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=14
2024-01-08 15:10:14 +00:00
ec5470976f - c-ares-fixes.patch: fixes unit tests for new c-ares
OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=12
2024-01-02 14:28:38 +00:00
6502229e81 - Update to 21.4.0:
* fs: introduce dirent.parentPath
  * fs: use default w flag for writeFileSync with utf8 encoding
- Changes in 21.3.0:
  * New --disable-warning flag
  * Fast fs.writeFileSync with UTF-8 Strings
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.4.0
- fix_ci_tests.patch: added workaround for missing deps

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=9
2023-12-13 13:27:50 +00:00
6ad92ba65e - node-gyp-addon-gypi.patch: fix misapplied patch (bsc#1217424)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=8
2023-11-23 10:50:30 +00:00
c57e7a4279 - Update to 21.2.0
* esm: add import.meta.dirname and import.meta.filename
  * fs: add stacktrace to fs/promises
  * lib:
    +  add --no-experimental-global-navigator CLI flag
    +  add navigator.language & navigator.languages
    +  add navigator.platform
  * stream:
    + add support for deflate-raw format to webstreams compression
    + use Array for Readable buffer
    + optimize creation
  * test_runner:
    + adds built in lcov reporter
    + test_runner: add Date to the supported mock APIs
    + test_runner, cli: add --test-timeout flag
For details see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.2.0
- nodejs20-zlib-1.3.patch: upstreamed, dropped
- node-gyp-addon-gypi.patch: rebased
- fix_ci_tests.patch: partially upstreamed

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=5
2023-11-16 09:24:16 +00:00
b9ebe15f35 - Package new version 21.1.0
For overview of changes and details since 20.x and earlier see
  https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.0.0
- imported the following patches from prior patches:
  + cares_public_headers.patch
  + fix_ci_tests.patch
  + flaky_test_rerun.patch
  + gcc13.patch
  + legacy_python.patch
  + linker_lto_jobs.patch
  + manual_configure.patch
  + node-gyp-addon-gypi.patch
  + node-gyp-config.patch
  + nodejs20-zlib-1.3.patch
  + nodejs-libpath.patch
  + npm_search_paths.patch
  + openssl_binary_detection.patch
  + qemu_timeouts_arches.patch
  + skip_no_console.patch
  + sle12_python3_compat.patch
  + test-skip-y2038-on-32bit-time_t.patch
  + versioned.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=1
2023-11-07 09:48:41 +00:00