Bug 261789 - www/node16: Update to 16.14.0 (LTS)
Summary: www/node16: Update to 16.14.0 (LTS)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Juraj Lutter
URL: https://nodejs.org/en/blog/release/v1...
Keywords: needs-qa, security
Depends on:
Blocks: 261837 263090
  Show dependency treegraph
 
Reported: 2022-02-08 07:25 UTC by Boris Korzun
Modified: 2022-06-04 08:29 UTC (History)
7 users (show)

See Also:
bugzilla: maintainer-feedback? (bhughes)
koobs: merge-quarterly?

Attachments
node16.diff (824 bytes, patch)
2022-02-08 07:25 UTC, Boris Korzun 		drtr0jan: maintainer-approval? (bhughes)
 Details | Diff
vuxml.diff (3.39 KB, patch)
2022-02-11 23:00 UTC, Boris Korzun 		drtr0jan: maintainer-approval?
Details | Diff
diff-to-16.14.0 (3.65 KB, patch)
2022-03-11 14:46 UTC, Kurt Jaeger 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Boris Korzun 2022-02-08 07:25:44 UTC 
Created attachment 231632 [details]
node16.diff

Update to 16.13.2. It's needed for textproc/kibana7 7.17.0.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2022-02-08 22:02:03 UTC 
^Triage: 16.13.2 fixes multiple security vulnerabilities. Pending VuXML patch.

@Reporter Can you create an issue (depending on this one) for updating textproc/kibana7 so we can track the dependency
Comment 2 Boris Korzun 2022-02-11 23:00:39 UTC 
Created attachment 231762 [details]
vuxml.diff

(In reply to Kubilay Kocak from comment #1)

A VuXML patch in the attachment.
Comment 3 Boris Korzun 2022-02-24 09:04:23 UTC 
Ping
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2022-02-26 00:12:17 UTC 
^Triage: Reset Assignee, maintainer timeout, security issue, open to take. We have an update and vuxml patches
Comment 5 Boris Korzun 2022-03-10 08:04:58 UTC 
Ping
Comment 6 Kurt Jaeger freebsd_committer freebsd_triage 2022-03-11 14:46:59 UTC 
Created attachment 232389 [details]
diff-to-16.14.0

Builds in poudriere for 13.0amd64.
Comment 7 Juraj Lutter freebsd_committer freebsd_triage 2022-03-18 18:52:49 UTC 
There already is 16.14.2 and I'm testing it now.
Comment 8 Juraj Lutter freebsd_committer freebsd_triage 2022-04-01 16:45:51 UTC 
Update to version 16.14.2 is in review D34413
Comment 9 commit-hook freebsd_committer freebsd_triage 2022-04-02 15:42:59 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=482b3e711590e12d3f996bf9ab67b74516a439e9

commit 482b3e711590e12d3f996bf9ab67b74516a439e9
Author:     Boris Korzun <drtr0jan@yandex.ru>
AuthorDate: 2022-04-02 15:40:16 +0000
Commit:     Juraj Lutter <otis@FreeBSD.org>
CommitDate: 2022-04-02 15:40:16 +0000

    security/vuxml: Document nodejs vulnerabilities

    PR:             261789

 security/vuxml/vuln-2022.xml | 47 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
Comment 10 commit-hook freebsd_committer freebsd_triage 2022-04-02 15:45:00 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cd47c658d43fbd29cb569b2230a05a1682ad3360

commit cd47c658d43fbd29cb569b2230a05a1682ad3360
Author:     Juraj Lutter <otis@FreeBSD.org>
AuthorDate: 2022-03-20 17:55:42 +0000
Commit:     Juraj Lutter <otis@FreeBSD.org>
CommitDate: 2022-04-02 15:43:19 +0000

    www/node16: Update to 16.14.2

    - Update to 16.14.2
    - Add COREPACK option

    Reported by:    Boris Korzun <drtr0jan@yandex.ru>, pi
    PR:             261789
    Differential Revision:  https://reviews.freebsd.org/D34413

 www/node16/Makefile | 9 ++++++---
 www/node16/distinfo | 6 +++---
 2 files changed, 9 insertions(+), 6 deletions(-)
Comment 11 Juraj Lutter freebsd_committer freebsd_triage 2022-04-02 15:46:54 UTC 
Committed with some of your inputs incorporated.

Thanks!
Comment 12 Kubilay Kocak freebsd_committer freebsd_triage 2022-05-26 00:19:08 UTC 
@Juraj It doesn't look like this was merged to quarterly?
Comment 13 Juraj Lutter freebsd_committer freebsd_triage 2022-05-27 16:11:35 UTC 
I'll commit an update to 16.15.0 that went out 1 month ago.
Comment 14 Juraj Lutter freebsd_committer freebsd_triage 2022-06-04 08:29:46 UTC 
- Update to 16.15.1 has been committed.
- vuxml entry has been commited earlier