forked from pool/nodejs19
Adam Majer
b253c3b1c5
* deps:
+ upgrade npm to 9.5.0
+ update undici to v5.20.0
* stream: add abort signal for ReadableStream and WritableStream
* url: replace url-parser with ada (not language)
- Changes in version 19.6.1:
* fixes permissions policies can be bypassed via process.mainModule
(bsc#1208481, CVE-2023-23918)
* fixes insecure loading of ICU data through ICU_DATA environment
variable (bsc#1208487, CVE-2023-23920)
* fixes OpenSSL error handling issues in nodejs crypto library
(bsc#1208483, CVE-2023-23919)
* updates undici to v5.19.1
+ Fetch API in Node.js did not protect against CRLF injection in host headers
+ Regular Expression Denial of Service in Headers in Node.js fetch API
(bsc#1208413, bsc#1208485, CVE-2023-24807, CVE-2023-23936)
- linker_lto_jobs.patch: refreshed
OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs19?expand=0&rev=35
26 lines
752 B
Diff
26 lines
752 B
Diff
Purpose of these dependencies is to make sure that the linker
|
|
is run serially over these binaries instead of in parallel.
|
|
OBS workers run out of memory as each executable seems to require
|
|
upward of 5G RAM
|
|
|
|
Index: node-v19.7.0/node.gyp
|
|
===================================================================
|
|
--- node-v19.7.0.orig/node.gyp
|
|
+++ node-v19.7.0/node.gyp
|
|
@@ -951,6 +951,7 @@
|
|
'deps/uvwasi/uvwasi.gyp:uvwasi',
|
|
'deps/simdutf/simdutf.gyp:simdutf',
|
|
'deps/ada/ada.gyp:ada',
|
|
+ 'fuzz_env'
|
|
],
|
|
|
|
'includes': [
|
|
@@ -1047,6 +1048,7 @@
|
|
'deps/histogram/histogram.gyp:histogram',
|
|
'deps/uvwasi/uvwasi.gyp:uvwasi',
|
|
'deps/ada/ada.gyp:ada',
|
|
+ 'cctest'
|
|
],
|
|
|
|
'includes': [
|