Revert "Fix CVE-2025-23085 for nodejs"

This reverts commit 23975d9.
microsoft · Feb 11, 2025 · b9fb0f7 · b9fb0f7
1 parent 23975d9
commit b9fb0f7
Show file tree

Hide file tree

Showing 6 changed files with 189 additions and 390 deletions.
diff --git a/SPECS/nodejs/CVE-2025-23085.patch b/SPECS/nodejs/CVE-2025-23085.patch
diff --git a/SPECS/nodejs/nodejs18.spec b/SPECS/nodejs/nodejs18.spec
@@ -19,7 +19,6 @@ Source0:        https://nodejs.org/download/release/v%{version}/node-v%{version}
 Patch0:         CVE-2023-21100.patch
 Patch1:         CVE-2024-21538.patch
 Patch2:         CVE-2025-22150.patch
-Patch3:         CVE-2025-23085.patch
 BuildRequires:  brotli-devel
 BuildRequires:  coreutils >= 8.22
 BuildRequires:  gcc
@@ -120,8 +119,8 @@ make cctest
 %{_datadir}/systemtap/tapset/node.stp
 
 %changelog
-* Tue Feb 11 2025 Kanishk Bansal <[email protected]> - 18.20.3-3
-- Patch CVE-2025-22150, CVE-2025-23085
+* Wed Feb 05 2025 Kanishk Bansal <[email protected]> - 18.20.3-3
+- Patch CVE-2025-22150
 
 * Tue Nov 19 2024 Bala <[email protected]> - 18.20.3-2
 - Patch CVE-2024-21538

diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
@@ -1,5 +1,5 @@
 filesystem-1.1-20.cm2.aarch64.rpm
-kernel-headers-5.15.167.1-1.cm2.noarch.rpm
+kernel-headers-5.15.173.1-1.cm2.noarch.rpm
 glibc-2.35-7.cm2.aarch64.rpm
 glibc-devel-2.35-7.cm2.aarch64.rpm
 glibc-i18n-2.35-7.cm2.aarch64.rpm
@@ -9,11 +9,11 @@ glibc-nscd-2.35-7.cm2.aarch64.rpm
 glibc-tools-2.35-7.cm2.aarch64.rpm
 zlib-1.2.13-2.cm2.aarch64.rpm
 zlib-devel-1.2.13-2.cm2.aarch64.rpm
-file-5.40-2.cm2.aarch64.rpm
-file-devel-5.40-2.cm2.aarch64.rpm
-file-libs-5.40-2.cm2.aarch64.rpm
-binutils-2.37-8.cm2.aarch64.rpm
-binutils-devel-2.37-8.cm2.aarch64.rpm
+file-5.40-3.cm2.aarch64.rpm
+file-devel-5.40-3.cm2.aarch64.rpm
+file-libs-5.40-3.cm2.aarch64.rpm
+binutils-2.37-10.cm2.aarch64.rpm
+binutils-devel-2.37-10.cm2.aarch64.rpm
 gmp-6.2.1-4.cm2.aarch64.rpm
 gmp-devel-6.2.1-4.cm2.aarch64.rpm
 mpfr-4.1.0-2.cm2.aarch64.rpm
@@ -33,11 +33,11 @@ libpkgconf-1.8.0-3.cm2.aarch64.rpm
 pkgconf-1.8.0-3.cm2.aarch64.rpm
 pkgconf-m4-1.8.0-3.cm2.noarch.rpm
 pkgconf-pkg-config-1.8.0-3.cm2.aarch64.rpm
-ncurses-6.4-2.cm2.aarch64.rpm
-ncurses-compat-6.4-2.cm2.aarch64.rpm
-ncurses-devel-6.4-2.cm2.aarch64.rpm
-ncurses-libs-6.4-2.cm2.aarch64.rpm
-ncurses-term-6.4-2.cm2.aarch64.rpm
+ncurses-6.4-3.cm2.aarch64.rpm
+ncurses-compat-6.4-3.cm2.aarch64.rpm
+ncurses-devel-6.4-3.cm2.aarch64.rpm
+ncurses-libs-6.4-3.cm2.aarch64.rpm
+ncurses-term-6.4-3.cm2.aarch64.rpm
 readline-8.1-1.cm2.aarch64.rpm
 readline-devel-8.1-1.cm2.aarch64.rpm
 coreutils-8.32-7.cm2.aarch64.rpm
@@ -69,7 +69,7 @@ libcap-ng-devel-0.8.2-2.cm2.aarch64.rpm
 util-linux-2.37.4-9.cm2.aarch64.rpm
 util-linux-devel-2.37.4-9.cm2.aarch64.rpm
 util-linux-libs-2.37.4-9.cm2.aarch64.rpm
-tar-1.34-2.cm2.aarch64.rpm
+tar-1.34-3.cm2.aarch64.rpm
 xz-5.2.5-1.cm2.aarch64.rpm
 xz-devel-5.2.5-1.cm2.aarch64.rpm
 xz-lang-5.2.5-1.cm2.aarch64.rpm
@@ -95,9 +95,9 @@ elfutils-libelf-0.186-2.cm2.aarch64.rpm
 elfutils-libelf-devel-0.186-2.cm2.aarch64.rpm
 elfutils-libelf-devel-static-0.186-2.cm2.aarch64.rpm
 elfutils-libelf-lang-0.186-2.cm2.aarch64.rpm
-expat-2.6.3-1.cm2.aarch64.rpm
-expat-devel-2.6.3-1.cm2.aarch64.rpm
-expat-libs-2.6.3-1.cm2.aarch64.rpm
+expat-2.6.3-2.cm2.aarch64.rpm
+expat-devel-2.6.3-2.cm2.aarch64.rpm
+expat-libs-2.6.3-2.cm2.aarch64.rpm
 libpipeline-1.5.5-3.cm2.aarch64.rpm
 libpipeline-devel-1.5.5-3.cm2.aarch64.rpm
 gdbm-1.21-1.cm2.aarch64.rpm
@@ -173,8 +173,8 @@ openssl-static-1.1.1k-35.cm2.aarch64.rpm
 libcap-2.60-2.cm2.aarch64.rpm
 libcap-devel-2.60-2.cm2.aarch64.rpm
 debugedit-5.0-2.cm2.aarch64.rpm
-libarchive-3.6.1-3.cm2.aarch64.rpm
-libarchive-devel-3.6.1-3.cm2.aarch64.rpm
+libarchive-3.6.1-4.cm2.aarch64.rpm
+libarchive-devel-3.6.1-4.cm2.aarch64.rpm
 rpm-4.18.0-4.cm2.aarch64.rpm
 rpm-build-4.18.0-4.cm2.aarch64.rpm
 rpm-build-libs-4.18.0-4.cm2.aarch64.rpm
@@ -189,17 +189,17 @@ libsolv-devel-0.7.24-1.cm2.aarch64.rpm
 libssh2-1.9.0-4.cm2.aarch64.rpm
 libssh2-devel-1.9.0-4.cm2.aarch64.rpm
 krb5-1.19.4-3.cm2.aarch64.rpm
-nghttp2-1.57.0-1.cm2.aarch64.rpm
-curl-8.8.0-2.cm2.aarch64.rpm
-curl-devel-8.8.0-2.cm2.aarch64.rpm
-curl-libs-8.8.0-2.cm2.aarch64.rpm
+nghttp2-1.57.0-2.cm2.aarch64.rpm
+curl-8.8.0-3.cm2.aarch64.rpm
+curl-devel-8.8.0-3.cm2.aarch64.rpm
+curl-libs-8.8.0-3.cm2.aarch64.rpm
 createrepo_c-0.17.5-1.cm2.aarch64.rpm
-libxml2-2.10.4-4.cm2.aarch64.rpm
-libxml2-devel-2.10.4-4.cm2.aarch64.rpm
+libxml2-2.10.4-5.cm2.aarch64.rpm
+libxml2-devel-2.10.4-5.cm2.aarch64.rpm
 docbook-dtd-xml-4.5-11.cm2.noarch.rpm
 docbook-style-xsl-1.79.1-14.cm2.noarch.rpm
 libsepol-3.2-2.cm2.aarch64.rpm
-glib-2.71.0-2.cm2.aarch64.rpm
+glib-2.71.0-3.cm2.aarch64.rpm
 libltdl-2.4.6-8.cm2.aarch64.rpm
 libltdl-devel-2.4.6-8.cm2.aarch64.rpm
 pcre-8.45-2.cm2.aarch64.rpm
@@ -231,16 +231,16 @@ libffi-devel-3.4.2-3.cm2.aarch64.rpm
 libtasn1-4.19.0-1.cm2.aarch64.rpm
 p11-kit-0.24.1-1.cm2.aarch64.rpm
 p11-kit-trust-0.24.1-1.cm2.aarch64.rpm
-ca-certificates-shared-2.0.0-18.cm2.noarch.rpm
-ca-certificates-tools-2.0.0-18.cm2.noarch.rpm
-ca-certificates-base-2.0.0-18.cm2.noarch.rpm
-ca-certificates-2.0.0-18.cm2.noarch.rpm
+ca-certificates-shared-2.0.0-19.cm2.noarch.rpm
+ca-certificates-tools-2.0.0-19.cm2.noarch.rpm
+ca-certificates-base-2.0.0-19.cm2.noarch.rpm
+ca-certificates-2.0.0-19.cm2.noarch.rpm
 dwz-0.14-2.cm2.aarch64.rpm
-unzip-6.0-20.cm2.aarch64.rpm
-python3-3.9.19-5.cm2.aarch64.rpm
-python3-devel-3.9.19-5.cm2.aarch64.rpm
-python3-libs-3.9.19-5.cm2.aarch64.rpm
-python3-setuptools-3.9.19-5.cm2.noarch.rpm
+unzip-6.0-21.cm2.aarch64.rpm
+python3-3.9.19-8.cm2.aarch64.rpm
+python3-devel-3.9.19-8.cm2.aarch64.rpm
+python3-libs-3.9.19-8.cm2.aarch64.rpm
+python3-setuptools-3.9.19-8.cm2.noarch.rpm
 python3-pygments-2.4.2-7.cm2.noarch.rpm
 which-2.21-8.cm2.aarch64.rpm
 libselinux-3.2-1.cm2.aarch64.rpm