diff --git a/.gitignore b/.gitignore
index ef831e8..f881379 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
SOURCES/icu4c-69_1-src.tgz
-SOURCES/node-v14.17.5-stripped.tar.gz
+SOURCES/node-v14.18.2-stripped.tar.gz
diff --git a/.nodejs.metadata b/.nodejs.metadata
index 7f1e486..6dbf0a6 100644
--- a/.nodejs.metadata
+++ b/.nodejs.metadata
@@ -1,2 +1,2 @@
620a71c84428758376baa0fb81a581c3daa866ce SOURCES/icu4c-69_1-src.tgz
-cdb2e0bdf9693d85a58d7b8576a4595618e0909e SOURCES/node-v14.17.5-stripped.tar.gz
+bba4efed29ee2e3e9078b955890d9b68f6750f6a SOURCES/node-v14.18.2-stripped.tar.gz
diff --git a/SOURCES/0001-deps-ansi-regex-fix-potential-ReDoS.patch b/SOURCES/0001-deps-ansi-regex-fix-potential-ReDoS.patch
new file mode 100644
index 0000000..b23946b
--- /dev/null
+++ b/SOURCES/0001-deps-ansi-regex-fix-potential-ReDoS.patch
@@ -0,0 +1,74 @@
+From e040864f2797b9c705bac5862581d5f190510e04 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Thu, 9 Dec 2021 15:48:46 +0100
+Subject: [PATCH] deps(ansi-regex): fix potential ReDoS
+
+This is the upstream fix [1] applied to all applicable bundled deps.
+
+[1]: https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
+
+Fixes: CVE-2021-3807
+Signed-off-by: rpm-build <rpm-build>
+---
+ deps/npm/node_modules/cliui/node_modules/ansi-regex/index.js | 2 +-
+ .../node_modules/string-width/node_modules/ansi-regex/index.js | 2 +-
+ .../npm/node_modules/wrap-ansi/node_modules/ansi-regex/index.js | 2 +-
+ deps/npm/node_modules/yargs/node_modules/ansi-regex/index.js | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/deps/npm/node_modules/cliui/node_modules/ansi-regex/index.js b/deps/npm/node_modules/cliui/node_modules/ansi-regex/index.js
+index c254480..9e37ec3 100644
+--- a/deps/npm/node_modules/cliui/node_modules/ansi-regex/index.js
++++ b/deps/npm/node_modules/cliui/node_modules/ansi-regex/index.js
+@@ -6,7 +6,7 @@ module.exports = options => {
+ }, options);
+
+ const pattern = [
+- '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
++ '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
+ '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))'
+ ].join('|');
+
+diff --git a/deps/npm/node_modules/string-width/node_modules/ansi-regex/index.js b/deps/npm/node_modules/string-width/node_modules/ansi-regex/index.js
+index c4aaecf..7d32201 100644
+--- a/deps/npm/node_modules/string-width/node_modules/ansi-regex/index.js
++++ b/deps/npm/node_modules/string-width/node_modules/ansi-regex/index.js
+@@ -2,7 +2,7 @@
+
+ module.exports = () => {
+ const pattern = [
+- '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[a-zA-Z\\d]*)*)?\\u0007)',
++ '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
+ '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PRZcf-ntqry=><~]))'
+ ].join('|');
+
+diff --git a/deps/npm/node_modules/wrap-ansi/node_modules/ansi-regex/index.js b/deps/npm/node_modules/wrap-ansi/node_modules/ansi-regex/index.js
+index c254480..9e37ec3 100644
+--- a/deps/npm/node_modules/wrap-ansi/node_modules/ansi-regex/index.js
++++ b/deps/npm/node_modules/wrap-ansi/node_modules/ansi-regex/index.js
+@@ -6,7 +6,7 @@ module.exports = options => {
+ }, options);
+
+ const pattern = [
+- '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
++ '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
+ '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))'
+ ].join('|');
+
+diff --git a/deps/npm/node_modules/yargs/node_modules/ansi-regex/index.js b/deps/npm/node_modules/yargs/node_modules/ansi-regex/index.js
+index c254480..9e37ec3 100644
+--- a/deps/npm/node_modules/yargs/node_modules/ansi-regex/index.js
++++ b/deps/npm/node_modules/yargs/node_modules/ansi-regex/index.js
+@@ -6,7 +6,7 @@ module.exports = options => {
+ }, options);
+
+ const pattern = [
+- '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
++ '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)',
+ '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))'
+ ].join('|');
+
+--
+2.33.1
+
+
diff --git a/SOURCES/0002-deps-json-schema-protect-against-prototype-pollution.patch b/SOURCES/0002-deps-json-schema-protect-against-prototype-pollution.patch
new file mode 100644
index 0000000..2f0a58b
--- /dev/null
+++ b/SOURCES/0002-deps-json-schema-protect-against-prototype-pollution.patch
@@ -0,0 +1,73 @@
+From 25661e4fc0e7c6a3d47bc189f886af76b1ecafa1 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Thu, 9 Dec 2021 13:01:08 +0100
+Subject: [PATCH] deps(json-schema): protect against prototype pollution
+
+Amalgamation of the following upstream patches:
+https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
+https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a
+https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa
+
+Fixes: CVE-2021-3918
+Signed-off-by: rpm-build <rpm-build>
+---
+ .../node_modules/json-schema/lib/validate.js | 4 +--
+ .../node_modules/json-schema/test/tests.js | 28 ++++++++++++++++++-
+ 2 files changed, 29 insertions(+), 3 deletions(-)
+
+diff --git a/deps/npm/node_modules/json-schema/lib/validate.js b/deps/npm/node_modules/json-schema/lib/validate.js
+index 4b61088..d05ee86 100644
+--- a/deps/npm/node_modules/json-schema/lib/validate.js
++++ b/deps/npm/node_modules/json-schema/lib/validate.js
+@@ -209,8 +209,8 @@ var validate = exports._validate = function(/*Any*/instance,/*Object*/schema,/*O
+ }
+
+ for(var i in objTypeDef){
+- if(objTypeDef.hasOwnProperty(i)){
+- var value = instance[i];
++ if(objTypeDef.hasOwnProperty(i) && i != '__proto__' && i != 'constructor'){
++ var value = instance.hasOwnProperty(i) ? instance[i] : undefined;
+ // skip _not_ specified properties
+ if (value === undefined && options.existingOnly) continue;
+ var propDef = objTypeDef[i];
+diff --git a/deps/npm/node_modules/json-schema/test/tests.js b/deps/npm/node_modules/json-schema/test/tests.js
+index 40eeda5..70f515a 100644
+--- a/deps/npm/node_modules/json-schema/test/tests.js
++++ b/deps/npm/node_modules/json-schema/test/tests.js
+@@ -91,5 +91,31 @@ var suite = vows.describe('JSON Schema').addBatch({
+
+ 'Json-Ref self-validates': assertSelfValidates('json-ref'),
+ 'Json-Ref/Hyper': assertValidates('json-ref', 'hyper-schema'),
+- 'Json-Ref/Core': assertValidates('json-ref', 'schema')
++ 'Json-Ref/Core': assertValidates('json-ref', 'schema'),
++ prototypePollution: function() {
++ console.log('testing')
++ const instance = JSON.parse(`
++ {
++ "$schema":{
++ "type": "object",
++ "properties":{
++ "__proto__": {
++ "type": "object",
++
++ "properties":{
++ "polluted": {
++ "type": "string",
++ "default": "polluted"
++ }
++ }
++ }
++ },
++ "__proto__": {}
++ }
++ }`);
++
++ const a = {};
++ validate(instance);
++ assert.equal(a.polluted, undefined);
++ }
+ }).export(module);
+--
+2.33.1
+
+
diff --git a/SOURCES/0005-CVE-2021-23343-nodejs-path-parse.patch b/SOURCES/0005-CVE-2021-23343-nodejs-path-parse.patch
deleted file mode 100644
index 201721d..0000000
--- a/SOURCES/0005-CVE-2021-23343-nodejs-path-parse.patch
+++ /dev/null
@@ -1,180 +0,0 @@
-https://github.com/jbgutierrez/path-parse/pull/10
-
-From 72c38e3a36b8ed2ec03960ac659aa114cbe6a420 Mon Sep 17 00:00:00 2001
-From: Jeffrey Pinyan <jeffrey.pinyan@ithreat.com>
-Date: Thu, 13 May 2021 10:53:50 -0400
-Subject: [PATCH 1/2] fixed regexes to avoid ReDoS attacks
-
-Signed-off-by: rpm-build <rpm-build>
----
- deps/npm/node_modules/path-parse/index.js | 6 +++---
- deps/npm/node_modules/path-parse/redos.js | 20 ++++++++++++++++++++
- 2 files changed, 23 insertions(+), 3 deletions(-)
- create mode 100644 deps/npm/node_modules/path-parse/redos.js
-
-diff --git a/deps/npm/node_modules/path-parse/index.js b/deps/npm/node_modules/path-parse/index.js
-index 3b7601f..e6b2af1 100644
---- a/deps/npm/node_modules/path-parse/index.js
-+++ b/deps/npm/node_modules/path-parse/index.js
-@@ -5,11 +5,11 @@ var isWindows = process.platform === 'win32';
- // Regex to split a windows path into three parts: [*, device, slash,
- // tail] windows-only
- var splitDeviceRe =
-- /^([a-zA-Z]:|[\\\/]{2}[^\\\/]+[\\\/]+[^\\\/]+)?([\\\/])?([\s\S]*?)$/;
-+ /^([a-zA-Z]:|[\\\/]{2}[^\\\/]+[\\\/]+[^\\\/]+)?([\\\/])?(.*)$/s;
-
- // Regex to split the tail part of the above into [*, dir, basename, ext]
- var splitTailRe =
-- /^([\s\S]*?)((?:\.{1,2}|[^\\\/]+?|)(\.[^.\/\\]*|))(?:[\\\/]*)$/;
-+ /^((?:[^\\\/]*[\\\/])*)((?:\.{1,2}|[^\\\/]+?|)(\.[^.\/\\]*|))(?:[\\\/]*)$/;
-
- var win32 = {};
-
-@@ -51,7 +51,7 @@ win32.parse = function(pathString) {
- // Split a filename into [root, dir, basename, ext], unix version
- // 'root' is just a slash, or nothing.
- var splitPathRe =
-- /^(\/?|)([\s\S]*?)((?:\.{1,2}|[^\/]+?|)(\.[^.\/]*|))(?:[\/]*)$/;
-+ /^(\/?|)((?:[^\/]*\/)*)((?:\.{1,2}|[^\/]+?|)(\.[^.\/]*|))(?:[\/]*)$/;
- var posix = {};
-
-
-diff --git a/deps/npm/node_modules/path-parse/redos.js b/deps/npm/node_modules/path-parse/redos.js
-new file mode 100644
-index 0000000..261947f
---- /dev/null
-+++ b/deps/npm/node_modules/path-parse/redos.js
-@@ -0,0 +1,20 @@
-+var pathParse = require('.');
-+
-+function build_attack(n) {
-+ var ret = ""
-+ for (var i = 0; i < n; i++) {
-+ ret += "/"
-+ }
-+ return ret + "◎";
-+}
-+
-+for(var i = 1; i <= 5000000; i++) {
-+ if (i % 10000 == 0) {
-+ var time = Date.now();
-+ var attack_str = build_attack(i)
-+ pathParse.posix(attack_str);
-+ pathParse.win32(attack_str);
-+ var time_cost = Date.now() - time;
-+ console.log("attack_str.length: " + attack_str.length + ": " + time_cost+" ms")
-+ }
-+}
---
-2.31.1
-
-
-From 44d1c9cd047988bb819707c726d9640f8aabe04d Mon Sep 17 00:00:00 2001
-From: Jeffrey Pinyan <jeffrey.pinyan@ithreat.com>
-Date: Thu, 13 May 2021 11:51:45 -0400
-Subject: [PATCH 2/2] streamlined regexes, simplified parse() returns
-
-Signed-off-by: rpm-build <rpm-build>
----
- deps/npm/node_modules/path-parse/index.js | 52 ++++++++---------------
- 1 file changed, 17 insertions(+), 35 deletions(-)
-
-diff --git a/deps/npm/node_modules/path-parse/index.js b/deps/npm/node_modules/path-parse/index.js
-index e6b2af1..f062d0a 100644
---- a/deps/npm/node_modules/path-parse/index.js
-+++ b/deps/npm/node_modules/path-parse/index.js
-@@ -2,29 +2,14 @@
-
- var isWindows = process.platform === 'win32';
-
--// Regex to split a windows path into three parts: [*, device, slash,
--// tail] windows-only
--var splitDeviceRe =
-- /^([a-zA-Z]:|[\\\/]{2}[^\\\/]+[\\\/]+[^\\\/]+)?([\\\/])?(.*)$/s;
--
--// Regex to split the tail part of the above into [*, dir, basename, ext]
--var splitTailRe =
-- /^((?:[^\\\/]*[\\\/])*)((?:\.{1,2}|[^\\\/]+?|)(\.[^.\/\\]*|))(?:[\\\/]*)$/;
-+// Regex to split a windows path into into [dir, root, basename, name, ext]
-+var splitWindowsRe =
-+ /^(((?:[a-zA-Z]:|[\\\/]{2}[^\\\/]+[\\\/]+[^\\\/]+)?[\\\/]?)(?:[^\\\/]*[\\\/])*)((\.{1,2}|[^\\\/]+?|)(\.[^.\/\\]*|))[\\\/]*$/;
-
- var win32 = {};
-
--// Function to split a filename into [root, dir, basename, ext]
- function win32SplitPath(filename) {
-- // Separate device+slash from tail
-- var result = splitDeviceRe.exec(filename),
-- device = (result[1] || '') + (result[2] || ''),
-- tail = result[3] || '';
-- // Split the tail into dir, basename and extension
-- var result2 = splitTailRe.exec(tail),
-- dir = result2[1],
-- basename = result2[2],
-- ext = result2[3];
-- return [device, dir, basename, ext];
-+ return splitWindowsRe.exec(filename).slice(1);
- }
-
- win32.parse = function(pathString) {
-@@ -34,24 +19,24 @@ win32.parse = function(pathString) {
- );
- }
- var allParts = win32SplitPath(pathString);
-- if (!allParts || allParts.length !== 4) {
-+ if (!allParts || allParts.length !== 5) {
- throw new TypeError("Invalid path '" + pathString + "'");
- }
- return {
-- root: allParts[0],
-- dir: allParts[0] + allParts[1].slice(0, -1),
-+ root: allParts[1],
-+ dir: allParts[0] === allParts[1] ? allParts[0] : allParts[0].slice(0, -1),
- base: allParts[2],
-- ext: allParts[3],
-- name: allParts[2].slice(0, allParts[2].length - allParts[3].length)
-+ ext: allParts[4],
-+ name: allParts[3]
- };
- };
-
-
-
--// Split a filename into [root, dir, basename, ext], unix version
-+// Split a filename into [dir, root, basename, name, ext], unix version
- // 'root' is just a slash, or nothing.
- var splitPathRe =
-- /^(\/?|)((?:[^\/]*\/)*)((?:\.{1,2}|[^\/]+?|)(\.[^.\/]*|))(?:[\/]*)$/;
-+ /^((\/?)(?:[^\/]*\/)*)((\.{1,2}|[^\/]+?|)(\.[^.\/]*|))[\/]*$/;
- var posix = {};
-
-
-@@ -67,19 +52,16 @@ posix.parse = function(pathString) {
- );
- }
- var allParts = posixSplitPath(pathString);
-- if (!allParts || allParts.length !== 4) {
-+ if (!allParts || allParts.length !== 5) {
- throw new TypeError("Invalid path '" + pathString + "'");
- }
-- allParts[1] = allParts[1] || '';
-- allParts[2] = allParts[2] || '';
-- allParts[3] = allParts[3] || '';
--
-+
- return {
-- root: allParts[0],
-- dir: allParts[0] + allParts[1].slice(0, -1),
-+ root: allParts[1],
-+ dir: allParts[0].slice(0, -1),
- base: allParts[2],
-- ext: allParts[3],
-- name: allParts[2].slice(0, allParts[2].length - allParts[3].length)
-+ ext: allParts[4],
-+ name: allParts[3],
- };
- };
-
---
-2.31.1
-
diff --git a/SPECS/nodejs.spec b/SPECS/nodejs.spec
index 2d55f11..7acefba 100644
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@@ -15,7 +15,7 @@
# This is used by both the nodejs package and the npm subpackage thar
# has a separate version - the name is special so that rpmdev-bumpspec
# will bump this rather than adding .1 to the end.
-%global baserelease 1
+%global baserelease 2
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
@@ -26,8 +26,8 @@
# than a Fedora release lifecycle.
%global nodejs_epoch 1
%global nodejs_major 14
-%global nodejs_minor 17
-%global nodejs_patch 5
+%global nodejs_minor 18
+%global nodejs_patch 2
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
%if %{?with_libs} == 1
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
@@ -54,19 +54,19 @@
# c-ares - from deps/cares/include/ares_version.h
# https://github.com/nodejs/node/pull/9332
%global c_ares_major 1
-%global c_ares_minor 17
-%global c_ares_patch 2
+%global c_ares_minor 18
+%global c_ares_patch 1
%global c_ares_version %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch}
# llhttp - from deps/llhttp/include/llhttp.h
%global llhttp_major 2
%global llhttp_minor 1
-%global llhttp_patch 3
+%global llhttp_patch 4
%global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
# libuv - from deps/uv/include/uv/version.h
%global libuv_major 1
-%global libuv_minor 41
+%global libuv_minor 42
%global libuv_patch 0
%global libuv_version %{libuv_major}.%{libuv_minor}.%{libuv_patch}
@@ -110,7 +110,7 @@
%global npm_epoch 1
%global npm_major 6
%global npm_minor 14
-%global npm_patch 14
+%global npm_patch 15
%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
# uvwasi - from deps/uvwasi/include/uvwasi.h
@@ -169,7 +169,8 @@ Patch2: 0002-Install-both-binaries-and-use-libdir.patch
# https://github.com/nodejs/node/issues/34903
Patch3: 0004-always-available-fips-options.patch
-Patch4: 0005-CVE-2021-23343-nodejs-path-parse.patch
+Patch4: 0001-deps-ansi-regex-fix-potential-ReDoS.patch
+Patch5: 0002-deps-json-schema-protect-against-prototype-pollution.patch
BuildRequires: make
BuildRequires: python3-devel
@@ -395,7 +396,6 @@ rm -rf deps/brotli
pathfix.py -i %{__python3} -pn $(find -type f ! -name "*.js")
find . -type f -exec sed -i "s~/usr\/bin\/env python~/usr/bin/python3~" {} \;
find . -type f -exec sed -i "s~/usr\/bin\/python\W~/usr/bin/python3~" {} \;
-sed -i "s~python~python3~" $(find . -type f | grep "gyp$")
sed -i "s~usr\/bin\/python2~usr\/bin\/python3~" ./deps/v8/tools/gen-inlining-tests.py
sed -i "s~usr\/bin\/python.*$~usr\/bin\/python3~" ./deps/v8/tools/mb/mb_unittest.py
find . -type f -exec sed -i "s~python -c~python3 -c~" {} \;
@@ -411,6 +411,7 @@ find . -type f -exec sed -i "s~python -c~python3 -c~" {} \;
export CC='gcc'
export CXX='g++'
+%{?with_python3_fixup:export NODE_GYP_FORCE_PYTHON=%{__python3}}
# build with debugging symbols and add defines from libuv (#892601)
# Node's v8 breaks with GCC 6 because of incorrect usage of methods on
@@ -828,27 +829,36 @@ end
%changelog
+* Mon Dec 13 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.18.2-2
+- Add missing fixes
+- Resolves: RHBZ#2027642, RHBZ#2027635
+
+* Wed Dec 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.18.2-1
+- Resolves: RHBZ#2027609
+- Resolves: RHBZ#2027649, RHBZ#2027646, RHBZ#2027642, RHBZ#2027635
+- Rebase to new version to fix CVEs
+
* Tue Aug 17 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.17.5-1
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940,
- CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
- Resolves RHBZ#1847529 (make FIPS always available)
-- Resolves: RHBZ#1988599, RHBZ#1994000, RHBZ#1993998, RHBZ#1993095
-- Resolves: RHBZ#1994028, RHBZ#1994402, RHBZ#1994406, RHBZ#1994398
-- Resolves: RHBZ#1993924 (make FIPS always available)
+- Resolves: RHBZ#1988600, RHBZ#1993815, RHBZ#1993809, RHBZ#1993096
+- Resolves: RHBZ#1986743, RHBZ#1993947, RHBZ#1993940, RHBZ#1989427
+- Resolves: RHBZ#1951620 (make FIPS always available)
* Mon Aug 09 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.17.3-3
-- Resolves: RHBZ#1991584, RHBZ#1991578
+- Resolves: RHBZ#1945513, RHBZ#1945287
- Resolves CVE-2021-23362 CVE-2021-27290
- Bump for missing mentions of CVEs
* Thu Jul 08 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.17.3-2
-- Resolves: RHBZ#1980032, RHBZ#1978203
-- Resolves RHBZ#1842826
+- Resolves: RHBZ#1979844, RHBZ#1977829
+- Resolves: RHBZ#1842826
- Don't use patch3
* Thu Jul 08 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.17.3-1
-- Resolves: RHBZ#1980032, RHBZ#1978203
-- Resolves RHBZ#1842826
+- Resolves: RHBZ#1979844, RHBZ#1977829
+- Resolves: RHBZ#1842826
- Resolves CVE-2021-22918(libuv), use system cipher list
* Wed Mar 10 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-3
@@ -856,11 +866,12 @@ end
- Always build with systemtap
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-2
-- Resolves: RHBZ#1930775
+- Resolves RHBZ#1930775
- remove --debug-nghttp2 option
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-1
-- Resolves: RHBZ#1932318, RHBZ#1932366
+- Resolves CVE-2021-22883 CVE-2021-22884
+- Resolves: RHBZ#1934566, RHBZ#1934599
- Rebase, remove ini patch
* Tue Jan 26 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.4-2