rpms
/
nodejs
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import nodejs-18.16.1-2.module+el9.2.0.z+19546+89a27685

Browse Source
c9-stream-18 imports/c9-stream-18/nodejs-18.16.1-2.module+el9.2.0.z+19546+89a27685
MSVSphere Packaging Team 1 year ago
parent 54dd88a3a7
commit f0bf79cd5a
2 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File

20
SOURCES/nodejs-fips-disable-options.patch
Unescape View File

@ -0,0 +1,20 @@
FIPS related options cause a segfault, let's end sooner
Upstream report: https://github.com/nodejs/node/pull/48950
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726
This patch makes the part of the code that processes cmd-line options for
FIPS to end sooner before the code gets to the problematic part of the code.
diff -up node-v18.16.1/src/crypto/crypto_util.cc.origfips node-v18.16.1/src/crypto/crypto_util.cc
--- node-v18.16.1/src/crypto/crypto_util.cc.origfips 2023-07-31 12:09:46.603683081 +0200
+++ node-v18.16.1/src/crypto/crypto_util.cc 2023-07-31 12:16:16.906617914 +0200
@@ -111,6 +111,8 @@ bool ProcessFipsOptions() {
/* Override FIPS settings in configuration file, if needed. */
if (per_process::cli_options->enable_fips_crypto ||
per_process::cli_options->force_fips_crypto) {
+ fprintf(stderr, "ERROR: Using options related to FIPS is not recommended, configure FIPS in openssl instead. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n");
+ return false;
#if OPENSSL_VERSION_MAJOR >= 3
OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
if (fips_provider == nullptr)

7
SPECS/nodejs.spec
Unescape View File

@ -29,7 +29,7 @@
# This is used by both the nodejs package and the npm subpackage that
# has a separate version - the name is special so that rpmdev-bumpspec
# will bump this rather than adding .1 to the end.
%global baserelease 1
%global baserelease 2
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
@ -190,6 +190,7 @@ Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-
# Disable running gyp on bundled deps we don't use
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
Patch3: nodejs-fips-disable-options.patch
BuildRequires: make
BuildRequires: python3-devel
@ -629,6 +630,10 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
%changelog
* Mon Jul 31 2023 Honza Horak <hhorak@redhat.com> - 1:18.16.1-2
- Fix segfault that happens when processing fips-related options
Resolves: BZ#2226726
* Wed Jul 12 2023 Jan Staněk <jstanek@redhat.com> - 1:18.16.1-1
- Rebase to 18.16.1
Resolves: rhbz#2188292 rhbz#2187683

Write Preview
Loading…
Cancel
Save