Verified Commit be8dcd2c authored by Max Rees's avatar Max Rees
Browse files

user/node: [CVE] bump to 10.21.0 (#300), unvendor openssl

parent 58a870ec
# Contributor: A. Wilcox <awilfox@adelielinux.org> # Contributor: A. Wilcox <awilfox@adelielinux.org>
# Maintainer: A. Wilcox <awilfox@adelielinux.org> # Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=node pkgname=node
pkgver=10.19.0 pkgver=10.21.0
pkgrel=0 pkgrel=0
pkgdesc="JavaScript runtime" pkgdesc="JavaScript runtime"
url="https://nodejs.org/" url="https://nodejs.org/"
arch="all" arch="all"
license="MIT AND ICU AND BSD-3-Clause AND BSD-2-Clause AND ISC AND OpenSSL AND Public-Domain AND Zlib AND Artistic-2.0 AND Apache-2.0 AND CC0-1.0" options="net" # Required in check()
license="MIT AND ICU AND BSD-3-Clause AND BSD-2-Clause AND ISC AND Public-Domain AND Zlib AND Artistic-2.0 AND Apache-2.0 AND CC0-1.0"
depends="" depends=""
makedepends="c-ares-dev http-parser-dev icu-dev libexecinfo-dev libuv-dev makedepends="c-ares-dev http-parser-dev icu-dev libexecinfo-dev libuv-dev
nghttp2-dev python3 zlib-dev" nghttp2-dev>=1.41 openssl-dev python3 zlib-dev"
subpackages="$pkgname-dev $pkgname-doc" subpackages="$pkgname-dev $pkgname-doc"
source="https://nodejs.org/download/release/v$pkgver/node-v$pkgver.tar.xz source="https://nodejs.org/download/release/v$pkgver/node-v$pkgver.tar.xz
https://www.python.org/ftp/python/2.7.15/Python-2.7.15.tar.xz https://www.python.org/ftp/python/2.7.15/Python-2.7.15.tar.xz
...@@ -30,11 +31,15 @@ builddir="$srcdir/$pkgname-v$pkgver" ...@@ -30,11 +31,15 @@ builddir="$srcdir/$pkgname-v$pkgver"
# - CVE-2019-9516 # - CVE-2019-9516
# - CVE-2019-9517 # - CVE-2019-9517
# - CVE-2019-9518 # - CVE-2019-9518
# 10.21.0-r0:
# - CVE-2020-7598
# - CVE-2020-8174
unpack() { unpack() {
default_unpack default_unpack
[ -z $SKIP_PYTHON ] || return 0 [ -z $SKIP_PYTHON ] || return 0
# TODO: when bumping to 12.x, python3 should be usable
msg "Killing all remaining hope for humanity and building Python 2..." msg "Killing all remaining hope for humanity and building Python 2..."
cd "$srcdir/Python-2.7.15" cd "$srcdir/Python-2.7.15"
[ -d ../python ] && rm -r ../python [ -d ../python ] && rm -r ../python
...@@ -47,7 +52,6 @@ unpack() { ...@@ -47,7 +52,6 @@ unpack() {
build() { build() {
export PATH="$srcdir/python/bin:$PATH" export PATH="$srcdir/python/bin:$PATH"
# We can't use --shared-openssl until 1.1 is available.
python ./configure.py \ python ./configure.py \
--prefix=/usr \ --prefix=/usr \
--with-intl=system-icu \ --with-intl=system-icu \
...@@ -55,15 +59,24 @@ build() { ...@@ -55,15 +59,24 @@ build() {
--shared-http-parser \ --shared-http-parser \
--shared-libuv \ --shared-libuv \
--shared-nghttp2 \ --shared-nghttp2 \
--openssl-no-asm \ --shared-openssl \
--openssl-use-def-ca-store \
--shared-zlib --shared-zlib
# keep DESTDIR set, to avoid a full rebuild in package() # keep DESTDIR set, to avoid a full rebuild in package()
make DESTDIR="$pkgdir" make DESTDIR="$pkgdir"
} }
check() { check() {
case "$CARCH" in
pmmx)
# https://bts.adelielinux.org/show_bug.cgi?id=306
_skip="parallel/test-http-invalid-te,parallel/test-worker-stdio"
;;
esac
export PATH="$srcdir/python/bin:$PATH" export PATH="$srcdir/python/bin:$PATH"
make DESTDIR="$pkgdir" test-only make DESTDIR="$pkgdir" test-only \
${_skip:+CI_SKIP_TESTS="$_skip"}
} }
package() { package() {
...@@ -71,7 +84,7 @@ package() { ...@@ -71,7 +84,7 @@ package() {
make DESTDIR="$pkgdir" install make DESTDIR="$pkgdir" install
} }
sha512sums="512efc58415ed789938c434af131d76bdd51772cac9f7e380afaa79d83cc9c433a979068fc7272adba6ba6551d195267978e1fc819236926b0d1fd6cf91c5eee node-v10.19.0.tar.xz sha512sums="613d3c1bca79ea5f127dc6793de2b5cfdfa056c01ec092e3b7ee79205894b21ca5ec4a367265122641dd1d360c675cfb36a4f7892894194ddd18abd1b2206544 node-v10.21.0.tar.xz
27ea43eb45fc68f3d2469d5f07636e10801dee11635a430ec8ec922ed790bb426b072da94df885e4dfa1ea8b7a24f2f56dd92f9b0f51e162330f161216bd6de6 Python-2.7.15.tar.xz 27ea43eb45fc68f3d2469d5f07636e10801dee11635a430ec8ec922ed790bb426b072da94df885e4dfa1ea8b7a24f2f56dd92f9b0f51e162330f161216bd6de6 Python-2.7.15.tar.xz
8f64922d586bce9d82c83042a989739cc55ecc5e015778cdfbda21c257aa50527ddb18740985bcb2068e4a749b71eb8a135d9a8152b374d361589df7f33c9b60 libatomic.patch 8f64922d586bce9d82c83042a989739cc55ecc5e015778cdfbda21c257aa50527ddb18740985bcb2068e4a749b71eb8a135d9a8152b374d361589df7f33c9b60 libatomic.patch
6d37794c7c78ef92ebb845852af780e22dc8c14653b63a8609c21ab6860877b9dffc5cf856a8516b7978ec704f312c0627075c6440ace55d039f95bdc4c85add ppc32.patch 6d37794c7c78ef92ebb845852af780e22dc8c14653b63a8609c21ab6860877b9dffc5cf856a8516b7978ec704f312c0627075c6440ace55d039f95bdc4c85add ppc32.patch
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment