Changelog |
* Thu Jul 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.1-1
- Rebase to 16.20.1
Resolves: rhbz#2188289
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
- Replace /usr/etc/npmrc symlink with builtin configuration
Resolves: rhbz#2222288
* Wed May 31 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-2
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
* Mon Feb 27 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-1
- Rebase to 16.19.1
Resolves: rhbz#2153713
Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920
Resolves: CVE-2022-25881 CVE-2022-4904
* Wed Dec 07 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-3
- Update sources of undici WASM blobs
Resolves: rhbz#2151546
* Fri Dec 02 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-2
- Record CVE references already addressed in this or previous upstream versions
Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824
* Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.18.1-1
- Rebase + CVE fixes
- Resolves: #2121024
- Resolves: #2135490, #2140926
* Fri Oct 07 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.17.1-1
- Rebase to version 16.17.1
- Resolves: CVE-2022-35255 CVE-2022-35256
* Tue Aug 23 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-1
- Resolves: #2104754, #2108057, #2108062, #2108067, #2108072
- Resolves CVE-2022-29244, CVE-2022-32212/3/4/5
- Resolves: #2106285
- Rebase to latest release
* Mon Apr 25 2022 Jan Staněk <jstanek@redhat.com> - 1:16.14.0-5
- Unify configure calls into single command
- Refactor bootstrap-related parts
- Decouple dependency bundling from bootstrapping
* Mon Apr 11 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.14.0-4
- Apply lock file validation fixes
- Resolves: CVE-2021-43616
- Resolves: RHBZ#2070013
* Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-3
- Resolves: RHBZ#2026329
- Add corepack to spec
* Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-2
- Resolves: RHBZ#2026329
- Update npm version test
* Thu Dec 02 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-1
- Resolves: RHBZ#2014132, RHBZ#2014126, RHBZ#2013828, RHBZ#2024920
- Resolves: RHBZ#2026329
- Rebase to LTS release and to fix multiple low and medium CVEs
* Mon Sep 13 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.8.0-1
- Resolves CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712
- Resolves: RHBZ#1993948, RHBZ#1993941, RHBZ#2000151, RHBZ#2002176
* Mon Aug 30 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.7.0-2
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
- CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
- Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
- Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
- fix python3 in gyp
* Wed Aug 18 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.7.0-1
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
- CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
- Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
- Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
* Fri Jul 09 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.4.2-1
- Resolves: RHBZ#1979847
- Resolves CVE-2021-22918(libuv)
- Use system cipher list(1842826, 1952915)
* Tue May 11 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.1.0-1
- Resolves: RHBZ#1953991
- Rebase to v16.x
- Update version of gcc and gcc-c++ needed
- Remove libs conditionals
- Remove unused patches
- Bundle nghttp3 and ngtcp2
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-2
- Resolves RHBZ#1930775
- remove --debug-nghttp2 option
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-1
- Resolves CVE-2021-22883 CVE-2021-22884
- Resolves: RHBZ#1934566, RHBZ#1934599
- Rebase, remove ini patch
* Tue Jan 26 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.4-2
- Add patch for yarn crash
- Resolves: RHBZ#1915296
* Tue Jan 19 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.4-1
- Security rebase to 14.15.4
- https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
- Resolves: RHBZ#1913001, RHBZ#1912953
- Resolves: RHBZ#1912636, RHBZ#1898602, RHBZ#1898768, RHBZ#1893987, RHBZ#1893184
* Thu Oct 29 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.0-1
- Resolves: RHBZ#1858864
- Update to LTS release
* Mon Sep 21 2020 Jan Staněk <jstanek@redhat.com> - 1:14.11.0-1
- Security update to 14.11.0
* Wed Jun 03 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.4.0-1
- Security update to 14.4.0
- Resolves: RHBZ#1815402
* Thu May 21 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.3.0-1
- Update to 14.3.0
- Fix optflags to save memory
- Resolves: RHBZ#1815402
* Wed May 06 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.2.0-1
- Update to 14.2.0
- build with python3 only
- some clean up
* Tue Mar 17 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.16.1-2
- Fix CVE-2020-10531
* Thu Feb 20 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.16.1-1
- Rebase to 12.16.1
* Wed Jan 15 2020 Jan Staněk <jstanek@redhat.com> - 1:12.14.1-1
- Rebase to 12.14.1
* Fri Nov 29 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.13.1-1
- Resolves: RHBZ# 1773503, update to 12.13.1
- minor clean up and sync with Fedora spec
- turn off debug builds
* Thu Aug 01 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.4.0-2
- Add condition to libs
* Wed Jun 12 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.4.0-1
- Update to v12.x
- Add v8-devel and libs subpackages from fedora
* Thu Mar 14 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.14.1-2
- move nodejs-packaging BR out of conditional
* Tue Dec 11 2018 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.14.1-1
- Resolves RHBZ#1644207
- fixes node-gyp permissions
- rebase
* Thu Oct 11 2018 Jan Staněk <jstanek@redhat.com> - 1:10.11.0-2
- BuildRequire nodejs-packaging for proper npm dependency generation
- Resolves: rhbz#1615947
* Mon Oct 08 2018 Jan Staněk <jstanek@redhat.com> - 1:10.11.0-1
- Rebase to 10.11.0
- Import changes from fedora
- Resolves: rhbz#1621766
* Mon Jul 30 2018 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.7.0-5
- Import sources from fedora
- Allow using python2 at %build and %install
- turn off debug for aarch64
* Fri Jul 20 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.7.0-4
- Fix npm upgrade scriptlet
- Fix unexpected trailing .1 in npm release field
* Fri Jul 20 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.7.0-3
- Restore annotations to binaries
- Fix unexpected trailing .1 in release field
* Thu Jul 19 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.7.0-2
- Update to 10.7.0
- https://nodejs.org/en/blog/release/v10.7.0/
- https://nodejs.org/en/blog/release/v10.6.0/
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:10.5.0-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 21 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.5.0-1
- Update to 10.5.0
- https://nodejs.org/en/blog/release/v10.5.0/
* Thu Jun 14 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.4.1-1
- Update to 10.4.1 to address security issues
- https://nodejs.org/en/blog/release/v10.4.1/
- Resolves: rhbz#1590801
- Resolves: rhbz#1591014
- Resolves: rhbz#1591019
* Thu Jun 07 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.4.0-1
- Update to 10.4.0
- https://nodejs.org/en/blog/release/v10.4.0/
* Wed May 30 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.3.0-1
- Update to 10.3.0
- Update npm to 6.1.0
- https://nodejs.org/en/blog/release/v10.3.0/
* Tue May 29 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.2.1-2
- Fix up bare 'python' to be python2
- Drop redundant entry in docs section
* Fri May 25 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.2.1-1
- Update to 10.2.1
- https://nodejs.org/en/blog/release/v10.2.1/
* Wed May 23 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.2.0-1
- Update to 10.2.0
- https://nodejs.org/en/blog/release/v10.2.0/
* Thu May 10 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.1.0-3
- Fix incorrect rpm macro
* Thu May 10 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.1.0-2
- Include upstream v8 fix for ppc64[le]
- Disable debug build on ppc64[le] and s390x
* Wed May 09 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.1.0-1
- Update to 10.1.0
- https://nodejs.org/en/blog/release/v10.1.0/
- Reenable node_g binary
* Thu Apr 26 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:10.0.0-1
- Update to 10.0.0
- https://nodejs.org/en/blog/release/v10.0.0/
- Drop workaround patch
- Temporarily drop node_g binary due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587
* Fri Apr 13 2018 Rafael dos Santos <rdossant@redhat.com> - 1:9.11.1-2
- Use standard Fedora linker flags (bug #1543859)
* Thu Apr 05 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.11.1-1
- Update to 9.11.1
- https://nodejs.org/en/blog/release/v9.11.0/
- https://nodejs.org/en/blog/release/v9.11.1/
* Wed Mar 28 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.10.0-1
- Update to 9.10.0
- https://nodejs.org/en/blog/release/v9.10.0/
* Wed Mar 21 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.9.0-1
- Update to 9.9.0
- https://nodejs.org/en/blog/release/v9.9.0/
* Thu Mar 08 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.8.0-1
- Update to 9.8.0
- https://nodejs.org/en/blog/release/v9.8.0/
* Thu Mar 01 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.7.0-1
- Update to 9.7.0
- https://nodejs.org/en/blog/release/v9.7.0/
- Work around F28 build issue
* Sun Feb 25 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.6.1-1
- Update to 9.6.1
- https://nodejs.org/en/blog/release/v9.6.1/
- https://nodejs.org/en/blog/release/v9.6.0/
* Mon Feb 05 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:9.5.0-1
- Package Node.js 9.5.0
* Thu Jan 11 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:8.9.4-2
- Fix incorrect Requires:
* Thu Jan 11 2018 Stephen Gallagher <sgallagh@redhat.com> - 1:8.9.4-1
- Update to 8.9.4
- https://nodejs.org/en/blog/release/v8.9.4/
- Switch to system copy of nghttp2
* Fri Dec 08 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.9.3-2
- Update to 8.9.3
- https://nodejs.org/en/blog/release/v8.9.3/
- https://nodejs.org/en/blog/release/v8.9.2/
* Thu Nov 30 2017 Pete Walter <pwalter@fedoraproject.org> - 1:8.9.1-2
- Rebuild for ICU 60.1
* Thu Nov 09 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.9.1-1
- Update to 8.9.1
* Tue Oct 31 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.9.0-1
- Update to 8.9.0
- Drop upstreamed patch
* Thu Oct 26 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.8.1-1
- Update to 8.8.1 to fix a regression
* Wed Oct 25 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.8.0-1
- Security update to 8.8.0
- https://nodejs.org/en/blog/release/v8.8.0/
* Sun Oct 15 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.7.0-1
- Update to 8.7.0
- https://nodejs.org/en/blog/release/v8.7.0/
* Fri Oct 06 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.6.0-2
- Use bcond macro instead of bootstrap conditional
* Wed Sep 27 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.6.0-1
- Fix nghttp2 version
- Update to 8.6.0
- https://nodejs.org/en/blog/release/v8.6.0/
* Wed Sep 20 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.5.0-3
- Build with bootstrap + bundle libuv for modularity
- backport patch for aarch64 debug build
* Wed Sep 13 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.5.0-2
- Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395
* Tue Sep 12 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.5.0-1
- Update to v8.5.0
- https://nodejs.org/en/blog/release/v8.5.0/
* Thu Sep 07 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.4.0-2
- Refactor openssl BR
* Wed Aug 16 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.4.0-1
- Update to v8.4.0
- https://nodejs.org/en/blog/release/v8.4.0/
- http2 is now supported, add bundled nghttp2
- remove openssl 1.0.1 patches, we won't be using them in fedora
* Thu Aug 10 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.3.0-1
- Update to v8.3.0
- https://nodejs.org/en/blog/release/v8.3.0/
- update V8 to 6.0
- update minimal gcc and g++ requirements to 4.9.4
* Wed Aug 09 2017 Tom Hughes <tom@compton.nu> - 1:8.2.1-2
- Bump release to fix broken dependencies
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.2.1-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:8.2.1-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jul 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.2.1-1
- Update to v8.2.1
- https://nodejs.org/en/blog/release/v8.2.1/
* Thu Jul 20 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.2.0-1
- Update to v8.2.0
- https://nodejs.org/en/blog/release/v8.2.0/
- Update npm to 5.3.0
- Adds npx command
* Tue Jul 18 2017 Igor Gnatenko <ignatenko@redhat.com> - 1:8.1.4-3
- s/BuildRequires/Requires/ for http-parser-devel%{?_isa}
* Mon Jul 17 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.1.4-2
- Rename python-devel to python2-devel
- own %{_pkgdocdir}/npm
* Tue Jul 11 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:8.1.4-1
- Update to v8.1.4
- https://nodejs.org/en/blog/release/v8.1.4/
- Drop upstreamed c-ares patch
* Thu Jun 29 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.1.3-1
- Update to v8.1.3
- https://nodejs.org/en/blog/release/v8.1.3/
* Wed Jun 28 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:8.1.2-1
- Update to v8.1.2
- remove GCC 7 patch, as it is now fixed in node >= 6.12
|