import nodejs-20.16.0-1.module+el9.4.0+22197+9e60f127

.gitignore

@@ -1,6 +1,6 @@
 SOURCES/cjs-module-lexer-1.2.2.tar.gz
 SOURCES/icu4c-75_1-src.tgz
-SOURCES/node-v20.14.0-stripped.tar.gz
-SOURCES/undici-6.13.0.tar.gz
+SOURCES/node-v20.16.0-stripped.tar.gz
+SOURCES/undici-6.19.2.tar.gz
 SOURCES/wasi-sdk-11.0-linux.tar.gz
 SOURCES/wasi-sdk-16.0-linux.tar.gz

.nodejs.metadata

@@ -1,6 +1,6 @@
 164f7f39841415284b0280a648c43bd7ea1615ac SOURCES/cjs-module-lexer-1.2.2.tar.gz
 da3614aa496c5f0fde12f7aa155f235b5e239f1b SOURCES/icu4c-75_1-src.tgz
-19fcaf5747bfb4680e6f05471c670bf3383ae7b9 SOURCES/node-v20.14.0-stripped.tar.gz
-85aca53a0e7dec0305078b256cd2ea5636e3cf7f SOURCES/undici-6.13.0.tar.gz
+f5c3411098f91526d7ce14b14b080e368510ae93 SOURCES/node-v20.16.0-stripped.tar.gz
+0653ac16ef498878fffefea0fa1f7e870cdfc249 SOURCES/undici-6.19.2.tar.gz
 ff114dd45b4efeeae7afe4621bfc6f886a475b4b SOURCES/wasi-sdk-11.0-linux.tar.gz
 fbe01909bf0e8260fcc3696ec37c9f731b5e356a SOURCES/wasi-sdk-16.0-linux.tar.gz

SOURCES/0002-Disable-FIPS-options.patch

@@ -50,9 +50,8 @@ index 1216f3a..fbfcb26 100644
      if (val) return;
      throw new ERR_CRYPTO_FIPS_FORCED();
 diff --git a/lib/internal/errors.js b/lib/internal/errors.js
-index def4949..580ca7a 100644
---- a/lib/internal/errors.js
-+++ b/lib/internal/errors.js
+--- a/lib/internal/errors.js.patch0002	2024-08-07 15:29:09.366357433 +0200
++++ b/lib/internal/errors.js	2024-08-07 15:29:14.392366591 +0200
 @@ -1112,6 +1112,12 @@ module.exports = {
  //
  // Note: Node.js specific errors must begin with the prefix ERR_
@@ -64,8 +63,8 @@ index def4949..580ca7a 100644
 +  Error);
 +
  E('ERR_ACCESS_DENIED',
-   'Access to this API has been restricted. Permission: %s',
-   Error);
+   function(msg, permission = '', resource = '') {
+     this.permission = permission;
 diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
 index 5734d8f..ef9d1b1 100644
 --- a/src/crypto/crypto_util.cc

SPECS/nodejs.spec

@@ -43,7 +43,7 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 20
-%global nodejs_minor 14
+%global nodejs_minor 16
 %global nodejs_patch 0
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
@@ -68,7 +68,7 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.28.1
+%global c_ares_version 1.31.0
 
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_version 8.1.2
@@ -108,7 +108,7 @@
 %global simduft_version 5.2.8
 
 # ada from deps/ada/ada.h
-%global ada_version 2.7.8
+%global ada_version 2.8.0
 
 # OpenSSL minimum version
 %global openssl_minimum 1:1.1.1
@@ -121,7 +121,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.7.0
+%global npm_version 10.8.1
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -183,7 +183,7 @@ Source111: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-
 # Original: https://github.com/nodejs/undici/archive/refs/tags/v6.13.0.tar.gz
 # Adjustments: rm -f undici-6.13.0/lib/llhttp/llhttp*.wasm
 # wasi-sdk version can be found in lib/llhttp/wasm_build_env.txt
-Source102: undici-6.13.0.tar.gz
+Source102: undici-6.19.2.tar.gz
 Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-16/wasi-sdk-16.0-linux.tar.gz
 
 # Disable running gyp on bundled deps we don't use
@@ -634,6 +634,10 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
 
 
 %changelog
+* Mon Aug 05 2024 Honza Horak <hhorak@redhat.com> - 1:20.16.0-1
+- Update to 20.16.0
+  Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020
+
 * Tue Jun 11 2024 Jan Staněk <jstanek@redhat.com> - 1:20.14.0-1
 - Update to version 20.14.0