Hello community, here is the log from the commit of package nodejs12 for openSUSE:Factory checked in at 2020-02-10 21:54:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nodejs12 (Old) and /work/SRC/openSUSE:Factory/.nodejs12.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nodejs12" Mon Feb 10 21:54:21 2020 rev:10 rq:772640 version:12.15.0 Changes: -------- --- /work/SRC/openSUSE:Factory/nodejs12/nodejs12.changes 2020-01-09 22:53:18.354790696 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs12.new.26092/nodejs12.changes 2020-02-10 21:54:23.846223295 +0100 @@ -1,0 +2,14 @@ +Fri Feb 7 10:38:50 UTC 2020 - Adam Majer <adam.ma...@suse.de> + +- Update to LTS release 12.15.0: + * fixes a remotely triggerable assertion on a TLS server via a + crafted certificate string (CVE-2019-15604, bsc#1163104) + * fixes an HTTP request smuggling vulnerability via malformed + Transfer-Encoding header (CVE-2019-15605, bsc#1163102) + * trim HTTP header values of optional white space + (CVE-2019-15606, bsc#1163103) + * enabled stricter HTTP header parsing by default. + +- fix_ci_tests.patch: refreshed + +------------------------------------------------------------------- Old: ---- node-v12.14.1.tar.xz New: ---- node-v12.15.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nodejs12.spec ++++++ --- /var/tmp/diff_new_pack.OOPaZY/_old 2020-02-10 21:54:24.666223748 +0100 +++ /var/tmp/diff_new_pack.OOPaZY/_new 2020-02-10 21:54:24.670223751 +0100 @@ -1,7 +1,7 @@ # # spec file for package nodejs12 # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,7 +26,7 @@ ########################################################### Name: nodejs12 -Version: 12.14.1 +Version: 12.15.0 Release: 0 %define node_version_number 12 @@ -387,6 +387,7 @@ # script, so we'll do it thus: export CFLAGS="%{optflags}" export CXXFLAGS="%{optflags} -Wno-class-memaccess -Wno-error=return-type" +export LDFLAGS="%{?build_ldflags}" %if 0%{?cc_exec:1} export CC=%{?cc_exec} ++++++ SHASUMS256.txt ++++++ --- /var/tmp/diff_new_pack.OOPaZY/_old 2020-02-10 21:54:24.702223768 +0100 +++ /var/tmp/diff_new_pack.OOPaZY/_new 2020-02-10 21:54:24.706223771 +0100 @@ -1,34 +1,34 @@ -7d7621ff0c037ea556284e382f3c5c98af0dad146786fef133a71cea1bd661fc node-v12.14.1-aix-ppc64.tar.gz -0be10a28737527a1e5e3784d3ad844d742fe8b0718acd701fd48f718fd3af78f node-v12.14.1-darwin-x64.tar.gz -aa6cfba37e018aec20f0870931b9a39b923697a2a1d84aad3292bdbad7bd6b18 node-v12.14.1-darwin-x64.tar.xz -944b436e1e8fe19b0c7397ebd3680abefe81d5958d9341bef99fbe0c9fffa93c node-v12.14.1-headers.tar.gz -9cd7975e52f2caf2b086d9276c36500e40ac68ec13b07d211a260c94f51ca9f0 node-v12.14.1-headers.tar.xz -fb1a20f37ef918033b0f2f9436b4a82e15128ce61e0de2378a4306ba7667cf4a node-v12.14.1-linux-arm64.tar.gz -6cd28a5e6340f596aec8dbfd6720f444f011e6b9018622290a60dbd17f9baff6 node-v12.14.1-linux-arm64.tar.xz -49c03bf2aa85b19a286a2dbad471b6dd89a8e4542564a41cd23b5b08e81b9c65 node-v12.14.1-linux-armv7l.tar.gz -ed4e625c84b877905eda4f356c8b4183c642e5ee6d59513d6329674ec23df234 node-v12.14.1-linux-armv7l.tar.xz -280c4f432261180004c33c6fe73b008b84926f9c5b2997e9df4da691d22e081b node-v12.14.1-linux-ppc64le.tar.gz -871bede5bf54a3596b485d9e42c37dd5832aedd999998964dfe991aff7cb3778 node-v12.14.1-linux-ppc64le.tar.xz -9aeed5fd472028228db8dc88b27b8f11ffc9af3c8ca3dedba49e6e02ea42a3d2 node-v12.14.1-linux-s390x.tar.gz -d734271d8ce8c9c0b9887bf246843fbac71c37c42bd2ef28ea5e2bfef0cd0f8a node-v12.14.1-linux-s390x.tar.xz -e21be7dd07cc143c480695d6214f40873a7791f437c1ca12fc94d45f539a47d9 node-v12.14.1-linux-x64.tar.gz -07cfcaa0aa9d0fcb6e99725408d9e0b07be03b844701588e3ab5dbc395b98e1b node-v12.14.1-linux-x64.tar.xz -043b4d3d35c3ede0c496d2cb32ce51e37d70bf5f21c0dc0598db7e2af46ac667 node-v12.14.1.pkg -17bcbf5e7b1b57f73f00bbb8e77e8f6393db41e4d4a1bfc6c2f601606681e659 node-v12.14.1-sunos-x64.tar.gz -ec6e3e9b33cfd7083b2e7203bfe54afb53cd40d5e027dcc57820e21e2f77948f node-v12.14.1-sunos-x64.tar.xz -42a7f0777fea8825611cb9250ff927824dba4f7aea854b47d522798acf4bdbc6 node-v12.14.1.tar.gz -877b4b842318b0e09bc754faf7343f2f097f0fc4f88ab9ae57cf9944e88e7adb node-v12.14.1.tar.xz -5f071589df21a6d2e99fc7a52649f0a7e5d5b36ef8f619bd7dbd39e6e2f47be2 node-v12.14.1-win-x64.7z -1f96ccce3ba045ecea3f458e189500adb90b8bc1a34de5d82fc10a5bf66ce7e3 node-v12.14.1-win-x64.zip -b94daef84daaf40e2a3841d8ecad679462ad48c2d5db83bc7d1289a27882a00c node-v12.14.1-win-x86.7z -0c780bb80cf24a036517bd293e676d56f1d75a0968bd75720e6d8436c64cfa2f node-v12.14.1-win-x86.zip -630bc34155e7fdb65c02ed44a37cd27dcf3f76a061c220e7af8baacdb0c2bb9c node-v12.14.1-x64.msi -ebb719fdb1e27782e0bc2110af1b836657fb1078353757da265d4256e5dfdb2b node-v12.14.1-x86.msi -47502c82c22d24fa38fd3b3e4b12e5298297cb15a0ecb9528aae4ac0e40248be win-x64/node.exe -30ec1ab45d9d22ad93e7c95691640d83818175b4fd74680d12a1f900a7d87f80 win-x64/node.lib -86ae4f23821a42f3bae166dc579fae1c59a1b0195f87b76bedc838c4b2570656 win-x64/node_pdb.7z -c4cac095f23af3272077d72dfe958238bf93c75effc25a387ce98adc56ec35d4 win-x64/node_pdb.zip -4a19c897619e96c3402608e1c4107c441efd05c3c0242b43bccffd7cee43385b win-x86/node.exe -87a49b27dfc454c5f8ff71dffb0c27322a8148a661d216741156ad61c2493cd1 win-x86/node.lib -080876ee76462d59275902f03f676021fabc8ed6ef545406efbedf41273acb55 win-x86/node_pdb.7z -930bf28f9400e7333b460fa1e7512c1902b0a3de54d16d0fe5eeb183ede1b411 win-x86/node_pdb.zip +4674d94402b8c0d79a9e20d4320652830032f0a7171cea2c815858b76d3d2ee9 node-v12.15.0-aix-ppc64.tar.gz +b6449cec39ac15b37abe4e59ef0eae50dcdfbf060c5276a01cc590f2a3372b7d node-v12.15.0-darwin-x64.tar.gz +fc2b68255c61663fe74338d372678fbb1fec367fef46924498e6d1b5e220c0b1 node-v12.15.0-darwin-x64.tar.xz +48e8ba40339e6cb9edc820f320b690b3401643e2c6bd36a7f2267ebf84cf98f2 node-v12.15.0-headers.tar.gz +44217fee8c0d003888783f65c36eec871d36b93d7347333b659633e30cbd85db node-v12.15.0-headers.tar.xz +9349bb00a522da9ecd0d2f9453b500904ccd56e271852ab2defb51a8c77a1aca node-v12.15.0-linux-arm64.tar.gz +c582cb65a0ec7f648618d3d33b4f87c374a3f930518b57eca1693828c965d6e5 node-v12.15.0-linux-arm64.tar.xz +53c4b21b23b8dc31da0ab9b5bdae7041d87fd7b7247e0b6cecaca36ca1d7e05d node-v12.15.0-linux-armv7l.tar.gz +a865e69914c568fcb28be7a1bf970236725a06a8fc66530799300181d2584a49 node-v12.15.0-linux-armv7l.tar.xz +91c4d019e2c86d088fcb0874f3dab6a074c354d4fe0fcce1fa2f535c86396f5e node-v12.15.0-linux-ppc64le.tar.gz +9b0c4faf637e9cd272964052933e7ff2ca05c50d89a473cf6f40031f55783fd0 node-v12.15.0-linux-ppc64le.tar.xz +3594746ef6a98d21e56b4f1c7a60526c53fd97750c9ba2347ffc3df24ea3b21a node-v12.15.0-linux-s390x.tar.gz +30f150720cc1a9f53d4d9a881961431428603dfe151cd487cdaec555f29db0c7 node-v12.15.0-linux-s390x.tar.xz +218279a33603b8bc958c46cce04c14851fd9d685bd21f5a39d6b98d08d80aae5 node-v12.15.0-linux-x64.tar.gz +63df953deb091c1500e1044bef01d1953117970e757e74e90d915e1a4a0d1c9c node-v12.15.0-linux-x64.tar.xz +f3c3103bcceb33898a8bc44c54d337c5bcb709dcdca95408e9307b6d4a86ca31 node-v12.15.0.pkg +4783ba63bcdfb8fa54cd4526401051df32835dc112cf7c11d64d98451ece20a6 node-v12.15.0-sunos-x64.tar.gz +b14aab80ccdf268f6347b17bd449217139fe46df3cceac00960e59ef835cec8b node-v12.15.0-sunos-x64.tar.xz +fb357de9262f60425ea3970dd09afd63312006a7b8355a808d358694e867f4fd node-v12.15.0.tar.gz +d2fb4fa80ccf321570552b0a6e6b5f2aedeb281a8450207b057cf54c54d5a81b node-v12.15.0.tar.xz +5b7d4beb9fc4c16b08b06de394b738caeec94f3d22d38f78ca02f386b9897f83 node-v12.15.0-win-x64.7z +48b29cab597962f12b0aac081522e6192bc8642c582cd0fc1bf51557273888da node-v12.15.0-win-x64.zip +a033ff4501155b3f0d63f08a40bf02d3bebd98485895ffd0cb638c6071eb6f6c node-v12.15.0-win-x86.7z +e76057fda953d964e9f53c1a210ca4daf7104072574744616eb079e053a0d3d9 node-v12.15.0-win-x86.zip +615fe16ec99ebb7de92cb0e1c343979f7ac9d943373e61cff17cd6a9f76547e8 node-v12.15.0-x64.msi +f558f19deea306c6caf167a687fe1ee65c4b191b1d327188c7f0d9fa7966d818 node-v12.15.0-x86.msi +51d09b8ce41fa3e6b7206141609e52e92f435b99e44932592cd529a9463bbf17 win-x64/node.exe +bd0c3ac36b1e484ddbc3de5e04abe399c1221057fabf16e74155b44af012504d win-x64/node.lib +9a644dfb80d9d6a4e01e83993b8c5de219130a39e5324ea78696d0ca7303c3bb win-x64/node_pdb.7z +7f7e3cff51f3d475e9f5427a74968cb83b2ef9625bcea006a9ac8ea1bc4fdf96 win-x64/node_pdb.zip +839ef38f0ed23a9dcca4f0a807e205f95e26370f35ec9ea9915721c06eda04f2 win-x86/node.exe +95fd2202f2ba9695cf4db59e932f50d3c96052e1d171797dfa955e348d96df1f win-x86/node.lib +d3659e3381a6c6fa7eec2ee0b340bc6049e47f23c055ef0d724d25bacabe4fdc win-x86/node_pdb.7z +cf15fcc38600ef4dc89c9a6e9eeb58a44ca35f9a59d9823dd0f839a8d6ee95d4 win-x86/node_pdb.zip ++++++ SHASUMS256.txt.sig ++++++ Binary files /var/tmp/diff_new_pack.OOPaZY/_old and /var/tmp/diff_new_pack.OOPaZY/_new differ ++++++ fix_ci_tests.patch ++++++ --- /var/tmp/diff_new_pack.OOPaZY/_old 2020-02-10 21:54:24.738223788 +0100 +++ /var/tmp/diff_new_pack.OOPaZY/_new 2020-02-10 21:54:24.738223788 +0100 @@ -2,10 +2,10 @@ Date: Dec 20 09:18:49 UTC 2017 Summary: Fix CI unit tests framework for OBS building -Index: node-v12.14.0/test/parallel/test-module-loading-globalpaths.js +Index: node-git.8252c06165/test/parallel/test-module-loading-globalpaths.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-module-loading-globalpaths.js -+++ node-v12.14.0/test/parallel/test-module-loading-globalpaths.js +--- node-git.8252c06165.orig/test/parallel/test-module-loading-globalpaths.js ++++ node-git.8252c06165/test/parallel/test-module-loading-globalpaths.js @@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c addLibraryPath(process.env); @@ -16,11 +16,11 @@ if (process.argv[2] === 'child') { console.log(require(pkgName).string); } else { -Index: node-v12.14.0/test/parallel/test-tls-env-bad-extra-ca.js +Index: node-git.8252c06165/test/parallel/test-tls-env-bad-extra-ca.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-tls-env-bad-extra-ca.js -+++ node-v12.14.0/test/parallel/test-tls-env-bad-extra-ca.js -@@ -36,7 +36,7 @@ fork(__filename, opts) +--- node-git.8252c06165.orig/test/parallel/test-tls-env-bad-extra-ca.js ++++ node-git.8252c06165/test/parallel/test-tls-env-bad-extra-ca.js +@@ -37,7 +37,7 @@ fork(__filename, opts) // TODO(addaleax): Make `SafeGetenv` work like `process.env` // encoding-wise if (!common.isWindows) { @@ -29,10 +29,10 @@ assert(re.test(stderr), stderr); } })) -Index: node-v12.14.0/test/parallel/test-tls-passphrase.js +Index: node-git.8252c06165/test/parallel/test-tls-passphrase.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-tls-passphrase.js -+++ node-v12.14.0/test/parallel/test-tls-passphrase.js +--- node-git.8252c06165.orig/test/parallel/test-tls-passphrase.js ++++ node-git.8252c06165/test/parallel/test-tls-passphrase.js @@ -223,7 +223,7 @@ server.listen(0, common.mustCall(functio }, onSecureConnect()); })).unref(); @@ -51,10 +51,10 @@ // Invalid passphrase assert.throws(function() { -Index: node-v12.14.0/test/parallel/test-crypto-scrypt.js +Index: node-git.8252c06165/test/parallel/test-crypto-scrypt.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-crypto-scrypt.js -+++ node-v12.14.0/test/parallel/test-crypto-scrypt.js +--- node-git.8252c06165.orig/test/parallel/test-crypto-scrypt.js ++++ node-git.8252c06165/test/parallel/test-crypto-scrypt.js @@ -12,30 +12,6 @@ if (typeof internalBinding('crypto').scr common.skip('no scrypt support'); @@ -146,10 +146,10 @@ get [name]() { if (--accessCount === 0) return ''; -Index: node-v12.14.0/test/parallel/test-repl-envvars.js +Index: node-git.8252c06165/test/parallel/test-repl-envvars.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-repl-envvars.js -+++ node-v12.14.0/test/parallel/test-repl-envvars.js +--- node-git.8252c06165.orig/test/parallel/test-repl-envvars.js ++++ node-git.8252c06165/test/parallel/test-repl-envvars.js @@ -2,12 +2,14 @@ // Flags: --expose-internals @@ -166,10 +166,10 @@ const tests = [ { env: {}, -Index: node-v12.14.0/test/common/index.mjs +Index: node-git.8252c06165/test/common/index.mjs =================================================================== ---- node-v12.14.0.orig/test/common/index.mjs -+++ node-v12.14.0/test/common/index.mjs +--- node-git.8252c06165.orig/test/common/index.mjs ++++ node-git.8252c06165/test/common/index.mjs @@ -45,6 +45,7 @@ const { expectsError, skipIfInspectorDisabled, @@ -186,23 +186,10 @@ getArrayBufferViews, getBufferSources, disableCrashOnUnhandledRejection, -Index: node-v12.14.0/test/parallel/test-fs-utimes.js +Index: node-git.8252c06165/Makefile =================================================================== ---- node-v12.14.0.orig/test/parallel/test-fs-utimes.js -+++ node-v12.14.0/test/parallel/test-fs-utimes.js -@@ -145,7 +145,7 @@ const path = `${tmpdir.path}/test-utimes - fs.writeFileSync(path, ''); - - // Test Y2K38 for all platforms [except 'arm', 'OpenBSD' and 'SunOS'] --if (!process.arch.includes('arm') && !common.isOpenBSD && !common.isSunOS) { -+if (!process.arch.includes('arm') && process.arch !== 's390' && !common.isOpenBSD && !common.isSunOS) { - const Y2K38_mtime = 2 ** 31; - fs.utimesSync(path, Y2K38_mtime, Y2K38_mtime); - const Y2K38_stats = fs.statSync(path); -Index: node-v12.14.0/Makefile -=================================================================== ---- node-v12.14.0.orig/Makefile -+++ node-v12.14.0/Makefile +--- node-git.8252c06165.orig/Makefile ++++ node-git.8252c06165/Makefile @@ -486,7 +486,7 @@ test-all-valgrind: test-build $(PYTHON) tools/test.py $(PARALLEL_ARGS) --mode=debug,release --valgrind @@ -230,10 +217,10 @@ .PHONY: doc-only doc-only: tools/doc/node_modules \ -Index: node-v12.14.0/test/parallel/test-child-process-spawnsync-args.js +Index: node-git.8252c06165/test/parallel/test-child-process-spawnsync-args.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-child-process-spawnsync-args.js -+++ node-v12.14.0/test/parallel/test-child-process-spawnsync-args.js +--- node-git.8252c06165.orig/test/parallel/test-child-process-spawnsync-args.js ++++ node-git.8252c06165/test/parallel/test-child-process-spawnsync-args.js @@ -12,6 +12,8 @@ const tmpdir = require('../common/tmpdir const assert = require('assert'); const { spawnSync } = require('child_process'); @@ -243,10 +230,10 @@ const command = common.isWindows ? 'cd' : 'pwd'; const options = { cwd: tmpdir.path }; -Index: node-v12.14.0/test/parallel/test-dns.js +Index: node-git.8252c06165/test/parallel/test-dns.js =================================================================== ---- node-v12.14.0.orig/test/parallel/test-dns.js -+++ node-v12.14.0/test/parallel/test-dns.js +--- node-git.8252c06165.orig/test/parallel/test-dns.js ++++ node-git.8252c06165/test/parallel/test-dns.js @@ -320,16 +320,6 @@ common.expectsError(() => { }); ++++++ node-v12.14.1.tar.xz -> node-v12.15.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/nodejs12/node-v12.14.1.tar.xz /work/SRC/openSUSE:Factory/.nodejs12.new.26092/node-v12.15.0.tar.xz differ: char 27, line 1