summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
use system-installed node-gyp for building test modules
Last-Update: 2015-09-09
Forwarded: not-needed
Gbp-Pq: Topic deps
Gbp-Pq: Name node_gyp.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
do not use dns.ADDRCONFIG for localhost
Last-Update: 2020-06-11
Bug-Debian: https://bugs.debian.org/962318
Forwarded: https://github.com/nodejs/node/issues/33816
it fails on IPv6-only systems. Setting it with libc fails on linux.
https://github.com/nodejs/node/issues/33279
Gbp-Pq: Topic deps
Gbp-Pq: Name localhost-no-addrconfig.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
keep nodejs compatible with libc-ares public headers
Forwarded: not-needed
Last-Update: 2021-10-20
Gbp-Pq: Topic deps
Gbp-Pq: Name cares.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
adapt test-ci build target for buildd
Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2020-02-09
* run tests with ./node
* remove addons from test-ci suite, because it creates a dependency loop
nodejs -> node-gyp -> nodejs which is painful to manage.
* disabled because it requires stdin:
+ test-stdout-close-unref
+ test-regress-GH-746
* test-tick-processor fails on ppc64 and s390x, currently investigated
https://github.com/nodejs/node/issues/2471
* test-cluster-disconnect sometimes fails on busy buildd, forwarded upstream
https://github.com/nodejs/node/issues/3383
* test-fs-watch is flaky, might be related to https://github.com/nodejs/node/issues/4082
* huge timeout value for all platforms, buildd could be busy
* test-npm-install and test-release-npm must fail, debian package dfsg-repacked npm out
* ability to override CI_NATIVE_SUITES, CI_JS_SUITES
* disable tests failing because DNS is disabled
* sequential/test-http2-session-timeout is flaky https://github.com/nodejs/node/issues/20628
Gbp-Pq: Topic build
Gbp-Pq: Name test_ci.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
Link to -latomic by default
Last-Update: 2019-10-25
Forwarded: not-needed
Bug: https://github.com/nodejs/node/pull/28532
Bug: https://github.com/nodejs/node/issues/30093
This avoids surprises on mips*el/ppc*el
Gbp-Pq: Topic build
Gbp-Pq: Name flag_atomic.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
build doc using marked and js-yaml
Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2021-03-03
While waiting for unified/remarked/rehyped modules to be available in debian
Gbp-Pq: Topic build
Gbp-Pq: Name doc.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
do not build cctest, build broken on debian
Last-Update: 2017-12-18
Forwarded: not yet !
Gbp-Pq: Topic build
Gbp-Pq: Name cctest_disable.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
add acorn, walk to shared builtins
Last-Update: 2022-09-28
Forwarded: https://github.com/nodejs/node/pull/44376
Gbp-Pq: Topic build
Gbp-Pq: Name more_shareable_builtins.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
debian openssl in testing or sid (3.0.11, 3.1.4) does not seem to have that different behavior
Last-Update: 2023-11-03
Gbp-Pq: Topic build
Gbp-Pq: Name openssl_3011_without_new_error_message.patch
Sebastian Andrzej Siewior [Fri, 23 Sep 2022 20:39:50 +0000 (22:39 +0200)]
[PATCH] Add a CipherString for nodejs
If the default security level is overwritten at build time of openssl
then it is needed to lower it again for nodejs in order to pass the
testsuite because it is using smoil keys.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Gbp-Pq: Topic build
Gbp-Pq: Name openssl_config_explicit_lower.patch
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
nodejs (18.19.0+dfsg-6~deb12u1) bookworm-security; urgency=medium
* Upstream update.
* CVE-2023-23918: Permissions policies can be bypassed via
process.mainModule. Closes #
1031834.
* CVE-2023-23919: OpenSSL error handling issues in nodejs crypto
library. Closes: #
1031834.
* CVE-2023-23920: Insecure loading of ICU data through ICU_DATA
environment variable. Closes: #
1031834.
* CVE-2023-30590: DiffieHellman do not generate keys after setting a
private key. Closes: #
1039990.
* CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR.
Closes: #1039990.
* CVE-2023-30588: Process interuption due to invalid Public Key information
in x509 certificates. Closes: #
1039990.
* CVE-2023-32559: Permissions policies can be bypassed via process.binding.
Closes: #1050739.
* CVE-2023-30581: mainModule.proto bypass experimental policy mechanism.
Closes: #1039990.
* CVE-2023-32002: Permissions policies can be bypassed via Module._load.
Closes: #1050739.
* CVE-2023-32006: Permissions policies can impersonate other modules in
using module.constructor.createRequire(). Closes: #
1050739.
* CVE-2023-38552: Integrity checks according to policies can be
circumvented. Closes: #
1054892.
* CVE-2023-39333: Code injection via WebAssembly export names.
Closes: #1054892.
[dgit import unpatched nodejs 18.19.0+dfsg-6~deb12u1]
Jérémy Lal [Wed, 20 Dec 2023 17:07:36 +0000 (18:07 +0100)]
Import nodejs_18.19.0+dfsg-6~deb12u1.debian.tar.xz
[dgit import tarball nodejs 18.19.0+dfsg-6~deb12u1 nodejs_18.19.0+dfsg-6~deb12u1.debian.tar.xz]
Jérémy Lal [Fri, 1 Dec 2023 00:23:44 +0000 (01:23 +0100)]
Import nodejs_18.19.0+dfsg.orig.tar.xz
[dgit import orig nodejs_18.19.0+dfsg.orig.tar.xz]
Jérémy Lal [Fri, 1 Dec 2023 00:23:44 +0000 (01:23 +0100)]
Import nodejs_18.19.0+dfsg.orig-ada.tar.xz
[dgit import orig nodejs_18.19.0+dfsg.orig-ada.tar.xz]
Jérémy Lal [Fri, 1 Dec 2023 00:23:44 +0000 (01:23 +0100)]
Import nodejs_18.19.0+dfsg.orig-types-node.tar.xz
[dgit import orig nodejs_18.19.0+dfsg.orig-types-node.tar.xz]
projects / nodejs.git / log