node: update to v12.18.3

upgrade npm to 6.14.6
update openssl to 1.1.1g

Vulnerabilities fixed:
* CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
* CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
* CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

diff --git a/lang/node/Makefile b/lang/node/Makefile
index 5b368c13ea1d8594504a10708068a5cc8aceaf7b..bea3bbc8f660aa4581dd2043db2d0d3fcb067149 100644 (file)
--- a/lang/node/Makefile
+++ b/lang/node/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=node
-PKG_VERSION:=v12.16.1
-PKG_RELEASE:=2
+PKG_VERSION:=v12.18.3
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION)
-PKG_HASH:=0a95845ba02c46102b5671d0c5732460073f2d397488337e18d1fc30146d412d
+PKG_HASH:=71158026579487422fd13cc2553b34cddb76519098aa6030faab52f88c6e0d0e
 
 PKG_MAINTAINER:=John Crispin <blogic@openwrt.org>, Adrian Panella <ianchi74@outlook.com>
 PKG_LICENSE:=MIT

diff --git a/lang/node/patches/003-path.patch b/lang/node/patches/003-path.patch
index 63fe78b6a36a3fa6935ebe086b0f2325e6226f9d..c49fa7912e4648fac3496ae8a64b55f70ca5494d 100644 (file)
--- a/lang/node/patches/003-path.patch
+++ b/lang/node/patches/003-path.patch
@@ -1,6 +1,6 @@
 --- a/lib/internal/modules/cjs/loader.js
 +++ b/lib/internal/modules/cjs/loader.js
-@@ -1260,7 +1260,8 @@
+@@ -1239,7 +1239,8 @@
      path.resolve(process.execPath, '..') :
      path.resolve(process.execPath, '..', '..');
  

diff --git a/lang/node/patches/006-mips64_support.patch b/lang/node/patches/006-mips64_support.patch
index 5bd1b83924519661b2bb2b9ced9bc90259c21e90..b4d72c309dcdf5570f9d71944d6266cd452417d4 100644 (file)
--- a/lang/node/patches/006-mips64_support.patch
+++ b/lang/node/patches/006-mips64_support.patch
@@ -9,7 +9,7 @@
                'ppc64', 'x32','x64', 'x86', 'x86_64', 's390x')
  valid_arm_float_abi = ('soft', 'softfp', 'hard')
  valid_arm_fpu = ('vfp', 'vfpv3', 'vfpv3-d16', 'neon')
-@@ -896,6 +896,9 @@
+@@ -956,6 +956,9 @@
    if rtn == 'mipsel' and '_LP64' in k:
      rtn = 'mips64el'
  
@@ -19,12 +19,12 @@
    return rtn
  
  
-@@ -1001,7 +1004,7 @@
+@@ -1063,7 +1066,7 @@
  
    if target_arch == 'arm':
      configure_arm(o)
 -  elif target_arch in ('mips', 'mipsel', 'mips64el'):
 +  elif target_arch in ('mips', 'mipsel', 'mips64', 'mips64el'):
-     configure_mips(o)
+     configure_mips(o, target_arch)
  
    if flavor == 'aix':

diff --git a/lang/node/patches/999-delete_unnecessary_libraries_for_host_execute.patch b/lang/node/patches/999-delete_unnecessary_libraries_for_host_execute.patch
index 36ef76f1fb80ff86be82611631bdb2e9a2ae9c9e..6564b177fa6729edc8a621f8b79fe986eb8a9156 100644 (file)
--- a/lang/node/patches/999-delete_unnecessary_libraries_for_host_execute.patch
+++ b/lang/node/patches/999-delete_unnecessary_libraries_for_host_execute.patch
@@ -34,7 +34,7 @@
          '<@(icu_src_genccode)',
 --- a/tools/v8_gypfiles/v8.gyp 2019-06-27 19:12:20.000000000 +0900
 +++ b/tools/v8_gypfiles/v8.gyp 2019-07-01 14:40:48.292020880 +0900
-@@ -1265,6 +1265,7 @@
+@@ -1255,6 +1255,7 @@
      {
        'target_name': 'bytecode_builtins_list_generator',
        'type': 'executable',
@@ -42,7 +42,7 @@
        'conditions': [
          ['want_separate_host_toolset', {
            'toolsets': ['host'],
-@@ -1288,6 +1289,8 @@
+@@ -1278,6 +1279,8 @@
      {
        'target_name': 'mksnapshot',
        'type': 'executable',
@@ -51,7 +51,7 @@
        'dependencies': [
          'v8_base_without_compiler',
          'v8_compiler_for_mksnapshot',
-@@ -1310,6 +1313,7 @@
+@@ -1300,6 +1303,7 @@
      {
        'target_name': 'torque',
        'type': 'executable',
@@ -59,7 +59,7 @@
        'dependencies': [
          'torque_base',
          # "build/win:default_exe_manifest",
-@@ -1348,6 +1352,7 @@
+@@ -1338,6 +1342,7 @@
      {
        'target_name': 'torque-language-server',
        'type': 'executable',
@@ -67,7 +67,7 @@
        'conditions': [
          ['want_separate_host_toolset', {
            'toolsets': ['host'],
-@@ -1375,6 +1380,8 @@
+@@ -1365,6 +1370,8 @@
      {
        'target_name': 'gen-regexp-special-case',
        'type': 'executable',

diff --git a/lang/node/patches/999-v8_this_build_method_will_be_deprecated.patch b/lang/node/patches/999-v8_this_build_method_will_be_deprecated.patch
index ca81a5c560565bc16ad39a5b433942c1ffe442c8..828f89b6078995164171059238b8284fdae097f9 100644 (file)
--- a/lang/node/patches/999-v8_this_build_method_will_be_deprecated.patch
+++ b/lang/node/patches/999-v8_this_build_method_will_be_deprecated.patch
@@ -1,7 +1,7 @@
 diff -urN a/configure.py b/configure.py
 --- a/configure.py     2019-09-05 00:36:21.000000000 +0900
 +++ b/configure.py     2019-09-27 11:49:55.445800884 +0900
-@@ -1223,6 +1223,25 @@
+@@ -1276,6 +1276,23 @@
      options.build_v8_with_gn = FetchDeps(v8_path)
    o['variables']['build_v8_with_gn'] = b(options.build_v8_with_gn)
  
@@ -17,17 +17,15 @@ diff -urN a/configure.py b/configure.py
 +  elif target_arch in ('mipsel', 'mips64el'):
 +    o['variables']['v8_enable_embedded_builtins'] = 0
 +  elif target_arch == 'x64':
-+    if options.with_intl in (None, 'none'):
-+      o['variables']['v8_enable_embedded_builtins'] = 1
++    if options.with_intl not in (None, 'none'):
++      o['variables']['v8_enable_embedded_builtins'] = 0
 +  elif target_arch == 'ia32':
 +    if options.with_intl in (None, 'none'):
 +      o['variables']['v8_use_snapshot'] = 'false'
-+    else:
-+      o['variables']['v8_enable_embedded_builtins'] = 0
  
  def configure_openssl(o):
    variables = o['variables']
-@@ -1654,6 +1673,7 @@
+@@ -1713,6 +1732,7 @@
  configure_intl(output)
  configure_static(output)
  configure_inspector(output)