aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichał Polański <michal@polanski.me>2021-04-07 21:39:48 +0200
committerMichał Polański <michal@polanski.me>2021-04-07 21:39:48 +0200
commit5c1b52910d6f9c2ac8b8a26f2b63f24964b19949 (patch)
tree64b9f533994b7687acc0cb1d52d0fb7c5277c006
parentf67597fd62fb180074745108b2b5c9c834d60fe7 (diff)
downloadaports-5c1b52910d6f9c2ac8b8a26f2b63f24964b19949.tar.gz
aports-5c1b52910d6f9c2ac8b8a26f2b63f24964b19949.tar.bz2
aports-5c1b52910d6f9c2ac8b8a26f2b63f24964b19949.tar.xz
main/nodejs: security upgrade to 10.24.1
fixes CVE-2020-7774 security advisory: https://github.com/advisories/GHSA-c4w7-xm78-47vh
-rw-r--r--main/nodejs/APKBUILD6
1 files changed, 4 insertions, 2 deletions
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index d2f8030b62..e5c439a31d 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -6,6 +6,8 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.24.1-r0:
+# - CVE-2020-7774
# 10.19.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
@@ -48,7 +50,7 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.24.0
+pkgver=10.24.1
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
@@ -151,6 +153,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="ff14c2071d20f9054f5db14505a0a9d1309d31c34f9b676dcb6430e553256fc557116e2aafe4b2c4662f84e049c70b24182329f021e1ba46a479aadbc4304a5c node-v10.24.0.tar.gz
+sha512sums="1ce82fd404a434e48ebd16dc83792a4b3cff18433c1cce53b09b85dda2fbf1abf372574e3ab113e99c884012caadc13b246698ce071aaa329577bc08cdc2be46 node-v10.24.1.tar.gz
c27cb338eea8c817042d58b8fbadc234fb586f490020677f28f900ade31d2f4dd7bcdd4e52fddf209d9221b7e1fa57f629bd38787456995413cee79311f9571f dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"