ELSA-2026-8339

Описание

nodejs [1:20.20.2-1]

• Update to version 20.20.2
• Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-25547 CVE-2026-21710

nodejs-nodemon [3.0.1-1]

• Rebase to 3.0.1
• Resolves: CVE-2022-25883

[2.0.20-2]

• Patch bundled glob-parent
• Resolves: CVE-2021-35065

[2.0.20-1]

• Rebase to 2.0.20 Resolves: CVE-2022-3517

[2.0.19-1]

• Rebase to 2.0.19 Resolves: CVE-2022-33987

[2.0.15-1]

• Resolves: RHBZ#2005419
• Resolves CVE-2020-28469
• Rebase to newest version
• Change source to npmjs.com

[2.0.7-1]

• Resolves: RHBZ#1953991
• Update to 2.0.7 to resolve CVE-2020-28469

[2.0.3-1]

• Updated

[1.18.3-1]

• Resolves: #1615413
• Updated
• bundled

[1.11.0-2]

• rh-nodejs8 rebuild

[1.11.0-1]

• Updated with script

nodejs-packaging [2021.06-5]

• nodejs.req properly detect bundled deps

[2021.06-4]

• NPM bundler: also find namespaced bundled dependencies

[2021.06-3]

• Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

[2021.06-2]

• Fix hard-coded output directory in the bundler

[2021.06-1]

• Update to 2021.06-1
• bundler: Handle archaic license metadata
• bundler: Warn about bundled dependencies with no license metadata

[2021.01-3]

• Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[2021.01-2]

• nodejs-packaging-bundler improvements to handle uncommon characters

[2021.01]

• Add nodejs-packaging-bundler and update README.md

[2020.09-1]

• Move to dist-git as the upstream

[25-1]

• Fix incorrect bundled library detection for Requires