Bug#990646: unblock: nodejs/12.21.0~dfsg-5
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package nodejs
[ Reason ]
nodejs has been using its own copy of libuv for a while,
without me noticing.
[ Impact ]
nodejs uses its own copy of libuv instead of the shared system library, which is bad for security fixes.
[ Tests ]
nodejs own test suite is thorough.
[ Risks ]
None. But I might have overlooked a risk. Please tell me.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
The problem should have been discovered one year ago. Sorry for this.
unblock nodejs/12.21.0~dfsg-5
diff -Nru nodejs-12.21.0~dfsg/debian/changelog nodejs-12.21.0~dfsg/debian/changelog
--- nodejs-12.21.0~dfsg/debian/changelog 2021-04-21 12:42:46.000000000 +0200
+++ nodejs-12.21.0~dfsg/debian/changelog 2021-07-03 20:50:29.000000000 +0200
@@ -1,3 +1,9 @@
+nodejs (12.21.0~dfsg-5) unstable; urgency=medium
+
+ * Patch uvwasi.gyp to honour --shared-libuv. Closes: #990569.
+
+ -- Jérémy Lal <kapouer@melix.org> Sat, 03 Jul 2021 20:50:29 +0200
+
nodejs (12.21.0~dfsg-4) unstable; urgency=medium
[ Andreas Beckmann ]
diff -Nru nodejs-12.21.0~dfsg/debian/patches/series nodejs-12.21.0~dfsg/debian/patches/series
--- nodejs-12.21.0~dfsg/debian/patches/series 2021-03-19 18:28:07.000000000 +0100
+++ nodejs-12.21.0~dfsg/debian/patches/series 2021-07-03 16:18:02.000000000 +0200
@@ -1,3 +1,4 @@
+shared_uv_from_uvwasi.patch
large_pages_assembly_gnu_stack.patch
dfhs_module_path_arch_triplet.patch
# 2012_kfreebsd.patch
diff -Nru nodejs-12.21.0~dfsg/debian/patches/shared_uv_from_uvwasi.patch nodejs-12.21.0~dfsg/debian/patches/shared_uv_from_uvwasi.patch
--- nodejs-12.21.0~dfsg/debian/patches/shared_uv_from_uvwasi.patch 1970-01-01 01:00:00.000000000 +0100
+++ nodejs-12.21.0~dfsg/debian/patches/shared_uv_from_uvwasi.patch 2021-07-03 17:43:00.000000000 +0200
@@ -0,0 +1,26 @@
+Description: uvwasi depends on uv.gyp and ignores shared_libuv
+Author: Jérémy Lal <kapouer@melix.org>
+Last-Update: 2021-07-03
+Forwarded: https://github.com/nodejs/node/issues/39248
+--- a/deps/uvwasi/uvwasi.gyp
++++ b/deps/uvwasi/uvwasi.gyp
+@@ -18,9 +18,6 @@
+ 'src/wasi_rights.c',
+ 'src/wasi_serdes.c',
+ ],
+- 'dependencies': [
+- '../uv/uv.gyp:libuv',
+- ],
+ 'direct_dependent_settings': {
+ 'include_dirs': ['include']
+ },
+@@ -31,6 +28,9 @@
+ '_POSIX_C_SOURCE=200112',
+ ],
+ }],
++ [ 'node_shared_libuv=="false"', {
++ 'dependencies': [ '../uv/uv.gyp:libuv' ],
++ }],
+ ],
+ }
+ ]
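Review bot: The patch header does not record the Debian bug or why the dependency has to be conditional. Adding `Bug-Debian: https://bugs.debian.org/990569` and a long-description line such as ` With --shared-libuv the unconditional dependency still pulled in deps/uv, so libuv security fixes in the archive did not reach nodejs.` would keep that visible to the next maintainer. With `node_shared_libuv` true, the uvwasi target now has no libuv dependency at all, so it presumably compiles against the system `uv.h` found on the default include path. Nothing visible here pins a minimum libuv version for the bundled uvwasi sources, so the versioned Build-Depends on the libuv development package is worth checking against what uvwasi needs.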
diff -Nru nodejs-12.21.0~dfsg/debian/rules nodejs-12.21.0~dfsg/debian/rules
--- nodejs-12.21.0~dfsg/debian/rules 2021-02-23 19:22:31.000000000 +0100
+++ nodejs-12.21.0~dfsg/debian/rules 2021-07-03 15:48:04.000000000 +0200
@@ -16,19 +16,20 @@
export LANG
DEB_CONFIGURE_NORMAL_ARGS =
DEB_CONFIGURE_EXTRA_FLAGS = \
+--verbose \
--without-npm \
--shared \
--shared-zlib \
--shared-cares \
---shared-nghttp2 \
--shared-brotli \
--with-intl=system-icu \
--prefix=/usr \
--openssl-use-def-ca-store \
--arch-triplet=$(DEB_HOST_MULTIARCH) \
---node-relative-path="lib/$(DEB_HOST_MULTIARCH)/nodejs:share/nodejs:lib/nodejs" \
---shared-libuv
+--node-relative-path="lib/$(DEB_HOST_MULTIARCH)/nodejs:share/nodejs:lib/nodejs"
+DEB_CONFIGURE_EXTRA_FLAGS += --shared-nghttp2
+DEB_CONFIGURE_EXTRA_FLAGS += --shared-libuv
DEB_CONFIGURE_EXTRA_FLAGS += --shared-openssl
# map HOST ARCH AND OS, and if unknown let upstream guess
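Review bot: The flag list alone does not show that the bundled libuv is gone: `--shared-libuv` was already passed before this change (the removed last line of `DEB_CONFIGURE_EXTRA_FLAGS`), and per the report the embedded copy still went unnoticed. A post-build check in debian/rules or an autopkgtest would catch a regression, for example failing when `nm -D --defined-only <path-to-built-libnode> | grep -q ' uv_'` succeeds (the path is a placeholder, and this assumes the embedded symbols would be exported). Separately, the added `--verbose` and the move of `--shared-nghttp2` and `--shared-libuv` to `+=` lines are not mentioned in the changelog entry, which lists only the uvwasi patch. A comment such as `# --verbose: keep full compile/link commands in the build log` would record the intent, if that is the intent.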