Bug 261789

Summary: www/node16: Update to 16.14.0 (LTS)
Product: Ports & Packages Reporter: Boris Korzun <drtr0jan>
Component: Individual Port(s)Assignee: Juraj Lutter <otis>
Status: Closed FIXED    
Severity: Affects Many People CC: bhughes, fred, freebsdbugs, otis, pi, ports-secteam, sean
Priority: Normal Keywords: needs-qa, security
Version: LatestFlags: bugzilla: maintainer-feedback? (bhughes)
koobs: merge-quarterly?
Hardware: Any   
OS: Any   
URL: https://nodejs.org/en/blog/release/v16.13.2/
See Also: https://reviews.freebsd.org/D34413
Bug Depends on:    
Bug Blocks: 261837, 263090    
Attachments:
Description Flags
node16.diff
drtr0jan: maintainer-approval? (bhughes)
vuxml.diff
drtr0jan: maintainer-approval?
diff-to-16.14.0 none

Description Boris Korzun 2022-02-08 07:25:44 UTC 
Created attachment 231632 [details]
node16.diff

Update to 16.13.2. It's needed for textproc/kibana7 7.17.0.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2022-02-08 22:02:03 UTC 
^Triage: 16.13.2 fixes multiple security vulnerabilities. Pending VuXML patch.

@Reporter Can you create an issue (depending on this one) for updating textproc/kibana7 so we can track the dependency
Comment 2 Boris Korzun 2022-02-11 23:00:39 UTC 
Created attachment 231762 [details]
vuxml.diff

(In reply to Kubilay Kocak from comment #1)

A VuXML patch in the attachment.
Comment 3 Boris Korzun 2022-02-24 09:04:23 UTC 
Ping
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2022-02-26 00:12:17 UTC 
^Triage: Reset Assignee, maintainer timeout, security issue, open to take. We have an update and vuxml patches
Comment 5 Boris Korzun 2022-03-10 08:04:58 UTC 
Ping
Comment 6 Kurt Jaeger freebsd_committer freebsd_triage 2022-03-11 14:46:59 UTC 
Created attachment 232389 [details]
diff-to-16.14.0

Builds in poudriere for 13.0amd64.
Comment 7 Juraj Lutter freebsd_committer freebsd_triage 2022-03-18 18:52:49 UTC 
There already is 16.14.2 and I'm testing it now.
Comment 8 Juraj Lutter freebsd_committer freebsd_triage 2022-04-01 16:45:51 UTC 
Update to version 16.14.2 is in review D34413
Comment 9 commit-hook freebsd_committer freebsd_triage 2022-04-02 15:42:59 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=482b3e711590e12d3f996bf9ab67b74516a439e9

commit 482b3e711590e12d3f996bf9ab67b74516a439e9
Author:     Boris Korzun <drtr0jan@yandex.ru>
AuthorDate: 2022-04-02 15:40:16 +0000
Commit:     Juraj Lutter <otis@FreeBSD.org>
CommitDate: 2022-04-02 15:40:16 +0000

    security/vuxml: Document nodejs vulnerabilities

    PR:             261789

 security/vuxml/vuln-2022.xml | 47 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
Comment 10 commit-hook freebsd_committer freebsd_triage 2022-04-02 15:45:00 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cd47c658d43fbd29cb569b2230a05a1682ad3360

commit cd47c658d43fbd29cb569b2230a05a1682ad3360
Author:     Juraj Lutter <otis@FreeBSD.org>
AuthorDate: 2022-03-20 17:55:42 +0000
Commit:     Juraj Lutter <otis@FreeBSD.org>
CommitDate: 2022-04-02 15:43:19 +0000

    www/node16: Update to 16.14.2

    - Update to 16.14.2
    - Add COREPACK option

    Reported by:    Boris Korzun <drtr0jan@yandex.ru>, pi
    PR:             261789
    Differential Revision:  https://reviews.freebsd.org/D34413

 www/node16/Makefile | 9 ++++++---
 www/node16/distinfo | 6 +++---
 2 files changed, 9 insertions(+), 6 deletions(-)
Comment 11 Juraj Lutter freebsd_committer freebsd_triage 2022-04-02 15:46:54 UTC 
Committed with some of your inputs incorporated.

Thanks!
Comment 12 Kubilay Kocak freebsd_committer freebsd_triage 2022-05-26 00:19:08 UTC 
@Juraj It doesn't look like this was merged to quarterly?
Comment 13 Juraj Lutter freebsd_committer freebsd_triage 2022-05-27 16:11:35 UTC 
I'll commit an update to 16.15.0 that went out 1 month ago.
Comment 14 Juraj Lutter freebsd_committer freebsd_triage 2022-06-04 08:29:46 UTC 
- Update to 16.15.1 has been committed.
- vuxml entry has been commited earlier