mirror of
https://src.fedoraproject.org/rpms/nodejs18.git
synced 2024-11-28 02:54:52 +00:00
Update to 18.18.2
This is a security release. The following CVEs are fixed in this release: * [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High) * [CVE-2023-45143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High) * [CVE-2023-38552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38552): Integrity checks according to policies can be circumvented (Medium) * [CVE-2023-39333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39333): Code injection via WebAssembly export names (Low) More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/) blog post. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This commit is contained in:
parent
01f499c7e2
commit
7252990188
2 changed files with 7 additions and 7 deletions
|
@ -27,7 +27,7 @@
|
|||
%global nodejs_epoch 1
|
||||
%global nodejs_major 18
|
||||
%global nodejs_minor 18
|
||||
%global nodejs_patch 0
|
||||
%global nodejs_patch 2
|
||||
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
|
||||
%global nodejs_soversion 108
|
||||
%global nodejs_abi %{nodejs_soversion}
|
||||
|
@ -71,10 +71,10 @@
|
|||
%global llhttp_version 6.0.11
|
||||
|
||||
# libuv - from deps/uv/include/uv/version.h
|
||||
%global libuv_version 1.46.0
|
||||
%global libuv_version 1.44.2
|
||||
|
||||
# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
%global nghttp2_version 1.55.0
|
||||
%global nghttp2_version 1.57.0
|
||||
|
||||
# ICU - from tools/icu/current_ver.dep
|
||||
%global icu_major 73
|
||||
|
@ -145,7 +145,7 @@ Source203: v8.pc.in
|
|||
# These are generated by nodejs-sources.sh
|
||||
Source101: cjs-module-lexer-1.2.2-stripped.tar.gz
|
||||
Source102: wasi-sdk-11.0-linux.tar.gz
|
||||
Source111: undici-5.22.1-stripped.tar.gz
|
||||
Source111: undici-5.26.3-stripped.tar.gz
|
||||
Source112: wasi-sdk-20.0-linux.tar.gz
|
||||
|
||||
Patch: 0001-Fedora-specific-patches.patch
|
||||
|
|
6
sources
6
sources
|
@ -1,7 +1,7 @@
|
|||
SHA512 (node-v18.18.0-stripped.tar.gz) = 698ff5cc65064293e018e8ccb54d5be18fafa5e42720a8a10576e7585447c51883f0c885578dffd34d420af46fb68a6196462ffddd56b141f6b4a38c4177528d
|
||||
SHA512 (node-v18.18.2-stripped.tar.gz) = bb36ffff9cac15d93771b5cc1fd5f3767ee1f315264596b31dc8476b637a202b9e00f5dcca1e39b94146fa2def78cd919b6c9a3d5454bdf8b051520065239477
|
||||
SHA512 (icu4c-73_2-data-bin-b.zip) = 8512947da7b2a927627abed6bd7e04218cd4fcd02d44eb72a82ffa87aedabfc3be5d3152e9fba33a769ef35e2db55764c2ab8f5bd65b4e89aa9c15b33392e078
|
||||
SHA512 (icu4c-73_2-data-bin-l.zip) = 420c2f5090927dab13f5449da3b0ec7bf86a91ea8723f177aca2907a8eea9bcb4c3475b66c54355ae320001813db57a00afdab00bd85b8c36d39adedcab80bfc
|
||||
SHA512 (cjs-module-lexer-1.2.2-stripped.tar.gz) = 154579771a6d652ad8fbfc44ca661fa726ce63cb9ce259db170c1f33c5aee5038bd532dd00f49a17434e66aeb52407e6abe3e2a2da505d4e54c485f738ba4e60
|
||||
SHA512 (cjs-module-lexer-1.2.2-stripped.tar.gz) = b6321404e47ff41c92bf164f0d3bdb3071a302c583883a9a3ee9de78a6751fc61c52b9732c164aaef857840b22145ef3d3ade319265bdd739c22dc899318090c
|
||||
SHA512 (wasi-sdk-11.0-linux.tar.gz) = e3ed4597f7f2290967eef6238e9046f60abbcb8633a4a2a51525d00e7393df8df637a98a5b668217d332dd44fcbf2442ec7efd5e65724e888d90611164451e20
|
||||
SHA512 (undici-5.22.1-stripped.tar.gz) = e9af5f4983f1aa9ef0f3306a1d3c156e494f06eae97a73bd03b30ed9fa3260fe3b40537eb84cf3313427fe045dbaca66485632bfdecb98920100f846a1208228
|
||||
SHA512 (undici-5.26.3-stripped.tar.gz) = 94a568a6c1aad93d8085716d31804360bf26c4d943a34381a30491917d0c274765dbcdf62a26bda7064a5db3fae522ce6bca2d65af1ba3bc5627e359c4cdf27e
|
||||
SHA512 (wasi-sdk-20.0-linux.tar.gz) = ff3d368267526887534f50767ff010bd368e9c24178ab2f0cf57a8ed0b3a82fbf85986d620ab2327ac6bb3f456c65adc6edb80626a1289e630dde7e43b191b42
|
||||
|
|
Loading…
Reference in a new issue