projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 79e2301)
package/nodejs: security bump to version 12.22.4
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 8 Aug 2021 18:02:23 +0000 (20:02 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 8 Aug 2021 19:34:42 +0000 (21:34 +0200)
Fixes the following security issues:

- CVE-2021-22930: Use after free on close http2 on stream canceling (High)

  Node.js is vulnerable to a use after free attack where an attacker might
  be able to exploit the memory corruption, to change process behavior.

Drop 0002-Fix-build-with-ICU-68.patch as this is now fixed upstream since
https://github.com/nodejs/node/commit/e459c79b02

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/nodejs/0002-Fix-build-with-ICU-68.patch [deleted file] patch | blob | history
package/nodejs/nodejs.hash patch | blob | history
package/nodejs/nodejs.mk patch | blob | history

diff --git a/package/nodejs/0002-Fix-build-with-ICU-68.patch b/package/nodejs/0002-Fix-build-with-ICU-68.patch
deleted file mode 100644 (file)
index 2d6ac01..0000000
--- a/package/nodejs/0002-Fix-build-with-ICU-68.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From 1504de672ec44080d08a97c479a23727a9c31d8b Mon Sep 17 00:00:00 2001
-From: James Hilliard <james.hilliard1@gmail.com>
-Date: Mon, 19 Jul 2021 03:35:30 -0600
-Subject: [PATCH] Fix build with ICU >= 68.
-
-Adapted from:
-https://chromium-review.googlesource.com/c/v8/v8/+/2477751
-
-Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
-[Upstream status:
-https://github.com/nodejs/node/pull/39440]
----
- deps/v8/src/objects/js-list-format.cc | 32 +++++++++++++++++++++++++++
- 1 file changed, 32 insertions(+)
-
-diff --git a/deps/v8/src/objects/js-list-format.cc b/deps/v8/src/objects/js-list-format.cc
-index 4f303b1874..2101f8e507 100644
---- a/deps/v8/src/objects/js-list-format.cc
-+++ b/deps/v8/src/objects/js-list-format.cc
-@@ -29,6 +29,7 @@ namespace v8 {
- namespace internal {
- namespace {
-+#if U_ICU_VERSION_MAJOR_NUM < 68
- const char* kStandard = "standard";
- const char* kOr = "or";
- const char* kUnit = "unit";
-@@ -41,8 +42,24 @@ const char* kUnitNarrow = "unit-narrow";
- const char* GetIcuStyleString(JSListFormat::Style style,
-                               JSListFormat::Type type) {
-+#else
-+UListFormatterWidth GetIcuWidth(JSListFormat::Style style) {
-+  switch (style) {
-+    case JSListFormat::Style::LONG:
-+      return ULISTFMT_WIDTH_WIDE;
-+    case JSListFormat::Style::SHORT:
-+      return ULISTFMT_WIDTH_SHORT;
-+    case JSListFormat::Style::NARROW:
-+      return ULISTFMT_WIDTH_NARROW;
-+  }
-+  UNREACHABLE();
-+}
-+
-+UListFormatterType GetIcuType(JSListFormat::Type type) {
-+#endif
-   switch (type) {
-     case JSListFormat::Type::CONJUNCTION:
-+#if U_ICU_VERSION_MAJOR_NUM < 68
-       switch (style) {
-         case JSListFormat::Style::LONG:
-           return kStandard;
-@@ -51,7 +68,11 @@ const char* GetIcuStyleString(JSListFormat::Style style,
-         case JSListFormat::Style::NARROW:
-           return kStandardNarrow;
-       }
-+#else
-+      return ULISTFMT_TYPE_AND;
-+#endif
-     case JSListFormat::Type::DISJUNCTION:
-+#if U_ICU_VERSION_MAJOR_NUM < 68
-       switch (style) {
-         case JSListFormat::Style::LONG:
-           return kOr;
-@@ -60,7 +81,11 @@ const char* GetIcuStyleString(JSListFormat::Style style,
-         case JSListFormat::Style::NARROW:
-           return kOrNarrow;
-       }
-+#else
-+      return ULISTFMT_TYPE_OR;
-+#endif
-     case JSListFormat::Type::UNIT:
-+#if U_ICU_VERSION_MAJOR_NUM < 68
-       switch (style) {
-         case JSListFormat::Style::LONG:
-           return kUnit;
-@@ -69,6 +94,9 @@ const char* GetIcuStyleString(JSListFormat::Style style,
-         case JSListFormat::Style::NARROW:
-           return kUnitNarrow;
-       }
-+#else
-+      return ULISTFMT_TYPE_UNITS;
-+#endif
-   }
-   UNREACHABLE();
- }
-@@ -170,7 +198,11 @@ MaybeHandle<JSListFormat> JSListFormat::New(Isolate* isolate, Handle<Map> map,
-   icu::Locale icu_locale = r.icu_locale;
-   UErrorCode status = U_ZERO_ERROR;
-   icu::ListFormatter* formatter = icu::ListFormatter::createInstance(
-+#if U_ICU_VERSION_MAJOR_NUM < 68
-       icu_locale, GetIcuStyleString(style_enum, type_enum), status);
-+#else
-+      icu_locale, GetIcuType(type_enum), GetIcuWidth(style_enum), status);
-+#endif
-   if (U_FAILURE(status)) {
-     delete formatter;
-     FATAL("Failed to create ICU list formatter, are ICU data files missing?");
--- 
-2.25.1
-
diff --git a/package/nodejs/nodejs.hash b/package/nodejs/nodejs.hash
index d94942e7c087239577f81a9ee5f6550c35d1461d..7d11a8d104a6dd4ae3c92a3206fec90fc90966ad 100644 (file)
--- a/package/nodejs/nodejs.hash
+++ b/package/nodejs/nodejs.hash
@@ -1,5 +1,5 @@
-# From https://nodejs.org/dist/v12.22.3/SHASUMS256.txt
-sha256  350211fae3a688f41889680c8efcf689353a2e36b62b9dc2b408340986857190  node-v12.22.3.tar.xz
+# From https://nodejs.org/dist/v12.22.4/SHASUMS256.txt
+sha256  44cd4eab131e5282fc923e9e720d983a0b44c12e4aa4f6c3598dc97ae1e4cd4c  node-v12.22.4.tar.xz
 
 # Hash for license file
 sha256  221417a7ca275112a5ac54639b36ee3c5184e74631ea1e1b01b701293b655190  LICENSE
diff --git a/package/nodejs/nodejs.mk b/package/nodejs/nodejs.mk
index 2731a7c667570fbff42cda498521da8688b04c38..08d2f6d7c1693c36053481a06e17f9f33e9f173d 100644 (file)
--- a/package/nodejs/nodejs.mk
+++ b/package/nodejs/nodejs.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-NODEJS_VERSION = 12.22.3
+NODEJS_VERSION = 12.22.4
 NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
 NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
 NODEJS_DEPENDENCIES = host-python host-nodejs c-ares \