disable test because it depends on postject, which is dfsg-excluded

Last-Update: 2023-11-30
Forwarded: not-needed

HELP is welcome to solve this

Gbp-Pq: Topic build
Gbp-Pq: Name disable_sea_dfsg_postject.patch

build using ada upstream tarball component

Last-Update: 2023-11-30
Forwarded: not-needed

Gbp-Pq: Topic build
Gbp-Pq: Name ada.patch

Harmonize V8 stack sizes on ARM architectures to match almost all other architectures

Last-Update: 2023-02-28
Forwarded: https://github.com/nodejs/node/issues/41163

Gbp-Pq: Topic arm64
Gbp-Pq: Name stacksize.patch

Use system paths for builtins

Last-Update: 2023-02-22
Forwarded: not-needed

Gbp-Pq: Topic build
Gbp-Pq: Name test_process_versions.patch

fix link to home in html api

Forwarded: not needed, in conflict with the meaning of home page
Last-Update: 06-11-2022

Gbp-Pq: Topic build
Gbp-Pq: Name doc_template_home.html

allow vfp2 and allow setting arm_version option

Last-Update: 2022-08-29
Forwarded: https://github.com/nodejs/node/issues/44357

Gbp-Pq: Topic armel
Gbp-Pq: Name configure.patch

test does not pass on riscv64

Last-Update: 2022-12-14
Forwarded: not-yet

Gbp-Pq: Topic riscv
Gbp-Pq: Name flaky_tests.patch

skip buffer NaN internal representation check this fails on whatever archs having other internal representations of NaN.

Last-Update: 2022-05-02
Forwarded: https://github.com/nodejs/node/issues/42945

Gbp-Pq: Topic build
Gbp-Pq: Name skip-buffer-nan-internal-check.patch

fix double register usage on mipsel

Forwarded: not-yet
Last-Update: 2022-06-15

Gbp-Pq: Topic mips
Gbp-Pq: Name mipsel_even_register_fix.patch

mipsel in debian supports 32-bit processors

Forwarded: not-needed
Last-Update: 2021-11-03

Gbp-Pq: Topic mips
Gbp-Pq: Name mipsel_is_32.patch

mksnapshot uses too much memory on 32-bit mipsel

Last-Update: 2020-06-03
Forwarded: https://bugs.chromium.org/p/v8/issues/detail?id=10586

Gbp-Pq: Topic mips
Gbp-Pq: Name less_mem.patch

use configuration directive to set mips fpu mode

Forwarded: https://github.com/paul99/v8m-rb/issues/192
Last-Update: 2015-09-29

Gbp-Pq: Topic mips
Gbp-Pq: Name fpu.patch

fix compilation error on mipsel target

Last-Update: 2021-10-28
Forwarded: https://github.com/nodejs/node/issues/40624

Gbp-Pq: Topic mips
Gbp-Pq: Name compilation_error.patch

remove google font from template.html, and link to local

Last-Update: 2015-09-09
Forwarded: not-needed

Gbp-Pq: Topic dfsg
Gbp-Pq: Name privacy_breach.patch

Multiarch search path, arch triplet, DFHS path for modules

Last-Update: 2018-09-30
Last-Update: 2020-03-04
Forwarded: https://github.com/nodejs/node/issues/22745
Reviewed-By: Xavier Guimard <yadd@debian.org>
Gbp-Pq: Topic dfsg
Gbp-Pq: Name multilib_modules.patch

a test uses a benchmark that read alice.html, dfsg excluded

Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2020-03-04

Gbp-Pq: Topic dfsg
Gbp-Pq: Name benchmark_without_alice.patch

use system-installed node-gyp for building test modules

Last-Update: 2015-09-09
Forwarded: not-needed

Gbp-Pq: Topic deps
Gbp-Pq: Name node_gyp.patch

do not use dns.ADDRCONFIG for localhost

Last-Update: 2020-06-11
Bug-Debian: https://bugs.debian.org/962318
Forwarded: https://github.com/nodejs/node/issues/33816

it fails on IPv6-only systems. Setting it with libc fails on linux.
https://github.com/nodejs/node/issues/33279

Gbp-Pq: Topic deps
Gbp-Pq: Name localhost-no-addrconfig.patch

keep nodejs compatible with libc-ares public headers

Forwarded: not-needed
Last-Update: 2021-10-20

Gbp-Pq: Topic deps
Gbp-Pq: Name cares.patch

adapt test-ci build target for buildd

Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2020-02-09

* run tests with ./node
* remove addons from test-ci suite, because it creates a dependency loop
  nodejs -> node-gyp -> nodejs which is painful to manage.
* disabled because it requires stdin:
  + test-stdout-close-unref
  + test-regress-GH-746
* test-tick-processor fails on ppc64 and s390x, currently investigated
  https://github.com/nodejs/node/issues/2471
* test-cluster-disconnect sometimes fails on busy buildd, forwarded upstream
  https://github.com/nodejs/node/issues/3383
* test-fs-watch is flaky, might be related to https://github.com/nodejs/node/issues/4082
* huge timeout value for all platforms, buildd could be busy
* test-npm-install and test-release-npm must fail, debian package dfsg-repacked npm out
* ability to override CI_NATIVE_SUITES, CI_JS_SUITES
* disable tests failing because DNS is disabled
* sequential/test-http2-session-timeout is flaky https://github.com/nodejs/node/issues/20628

Gbp-Pq: Topic build
Gbp-Pq: Name test_ci.patch

Link to -latomic by default

Last-Update: 2019-10-25
Forwarded: not-needed
Bug: https://github.com/nodejs/node/pull/28532
Bug: https://github.com/nodejs/node/issues/30093

This avoids surprises on mips*el/ppc*el

Gbp-Pq: Topic build
Gbp-Pq: Name flag_atomic.patch

build doc using marked and js-yaml

Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2021-03-03

While waiting for unified/remarked/rehyped modules to be available in debian

Gbp-Pq: Topic build
Gbp-Pq: Name doc.patch

do not build cctest, build broken on debian

Last-Update: 2017-12-18
Forwarded: not yet !

Gbp-Pq: Topic build
Gbp-Pq: Name cctest_disable.patch

add acorn, walk to shared builtins

Last-Update: 2022-09-28
Forwarded: https://github.com/nodejs/node/pull/44376

Gbp-Pq: Topic build
Gbp-Pq: Name more_shareable_builtins.patch

debian openssl in testing or sid (3.0.11, 3.1.4) does not seem to have that different behavior

Last-Update: 2023-11-03

Gbp-Pq: Topic build
Gbp-Pq: Name openssl_3011_without_new_error_message.patch

[PATCH] Add a CipherString for nodejs

If the default security level is overwritten at build time of openssl
then it is needed to lower it again for nodejs in order to pass the
testsuite because it is using smoil keys.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Gbp-Pq: Topic build
Gbp-Pq: Name openssl_config_explicit_lower.patch

nodejs (18.19.0+dfsg-6~deb12u1) bookworm-security; urgency=medium

  * Upstream update.
  * CVE-2023-23918: Permissions policies can be bypassed via
    process.mainModule. Closes #1031834.
  * CVE-2023-23919: OpenSSL error handling issues in nodejs crypto
    library. Closes: #1031834.
  * CVE-2023-23920: Insecure loading of ICU data through ICU_DATA
    environment variable. Closes: #1031834.
  * CVE-2023-30590: DiffieHellman do not generate keys after setting a
    private key. Closes: #1039990.
  * CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR.
Closes: #1039990.
  * CVE-2023-30588: Process interuption due to invalid Public Key information
    in x509 certificates. Closes: #1039990.
  * CVE-2023-32559: Permissions policies can be bypassed via process.binding.
Closes: #1050739.
  * CVE-2023-30581: mainModule.proto bypass experimental policy mechanism.
Closes: #1039990.
  * CVE-2023-32002: Permissions policies can be bypassed via Module._load.
Closes: #1050739.
  * CVE-2023-32006: Permissions policies can impersonate other modules in
    using module.constructor.createRequire(). Closes: #1050739.
  * CVE-2023-38552: Integrity checks according to policies can be
    circumvented. Closes: #1054892.
  * CVE-2023-39333: Code injection via WebAssembly export names.
Closes: #1054892.
[dgit import unpatched nodejs 18.19.0+dfsg-6~deb12u1]

Import nodejs_18.19.0+dfsg-6~deb12u1.debian.tar.xz

[dgit import tarball nodejs 18.19.0+dfsg-6~deb12u1 nodejs_18.19.0+dfsg-6~deb12u1.debian.tar.xz]

Import nodejs_18.19.0+dfsg.orig.tar.xz

[dgit import orig nodejs_18.19.0+dfsg.orig.tar.xz]

Import nodejs_18.19.0+dfsg.orig-ada.tar.xz

[dgit import orig nodejs_18.19.0+dfsg.orig-ada.tar.xz]

Import nodejs_18.19.0+dfsg.orig-types-node.tar.xz

[dgit import orig nodejs_18.19.0+dfsg.orig-types-node.tar.xz]