richardlau

2022-03-17, Version 12.22.11 'Erbium' (LTS), @richardlau

This is a security release.

Notable changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to
run CI tests.

Commits

  • [e3e5bf11ba] - build: pin Windows GitHub runner to windows-2019 (Richard Lau) #42349
  • [f41e7771bf] - build: fix detection of Visual Studio 2019 (Richard Lau) #42349
  • [c372ec207d] - deps: update archs files for OpenSSL-1.1.n (Richard Lau) #42348
  • [d574a1dccb] - deps: upgrade openssl sources to 1.1.1n (Richard Lau) #42348

If Visual Studio 2017 is not found, attempt to find Visual Studio 2019.

PR-URL: #42349
Refs: https://github.blog/changelog/2021-10-19-github-actions-the-windows-2016-runner-image-will-be-removed-from-github-hosted-runners-on-march-15-2022/
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>

GitHub is removing the Windows 2016 runner image on March 15, 2022.

Refs: https://github.blog/changelog/2021-10-19-github-actions-the-windows-2016-runner-image-will-be-removed-from-github-hosted-runners-on-march-15-2022/

PR-URL: #42349
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>

This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1n.tar.gz
    $ mv openssl-1.1.1n openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #42348
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Joe Sepi <[email protected]>

After an OpenSSL source update, all the config files need to be
regenerated and committed by:
    $ make -C deps/openssl/config
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #42348
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Joe Sepi <[email protected]>
richardlau added a commit that referenced this pull request Mar 16, 2022
This is a security release.

Notable changes:

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
- Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to
run CI tests.

PR-URL: #42363
@nodejs-github-bot

Review requested:

  • @nodejs/actions

@mhdawson mhdawson left a comment

LGTM

@richardlau

CITGM:

$ ncu-ci citgm 2883 2884
--------------------------------------------------------------------------------
[1/1] Running CITGM: 2883
--------------------------------------------------------------------------------
✔  Summary data downloaded
✔  Results data downloaded
✔  Summary data downloaded
✔  Results data downloaded
----------------------------------- Summary ------------------------------------
Result     FAILURE
URL        https://ci.nodejs.org/job/citgm-smoker/2883/
Source     https://api.github.com/repos/nodejs/node/git/refs/heads/v12.x
Commit     [390189173fa3] Working on v12.22.11
Date       2022-02-01 15:03:27 -0500
Author     Ruy Adorno <[email protected]>
----------------------------------- Summary ------------------------------------
Result     FAILURE
URL        https://ci.nodejs.org/job/citgm-smoker/2884/
Source     https://api.github.com/repos/nodejs/node/git/refs/heads/v12.22.11-proposal
Commit     [cdb72ea5d913] 2022-03-17, Version 12.22.11 'Erbium' (LTS)
Date       2022-03-16 19:32:07 -0400
Author     Richard Lau <[email protected]>
----------------------------------- Results ------------------------------------



FAILURE: 17 failures in 2884 not present in 2883


┌────────────────────────┬────────────────────┬────────────────────────┬────────────────┐
│        (index)         │         0          │           1            │       2        │
├────────────────────────┼────────────────────┼────────────────────────┼────────────────┤
│        osx1015         │   'async-v3.2.3'   │   'resolve-v1.22.0'    │                │
│      aix71-ppc64       │                    │                        │                │
│   fedora-latest-x64    │   'async-v3.2.3'   │                        │                │
│     ubuntu1804-64      │   'jest-v27.5.1'   │    'winston-v3.6.0'    │                │
│     centos7-ppcle      │    'bl-v5.0.0'     │  'spawn-wrap-v2.0.0'   │                │
│       win-vs2017       │   'async-v3.2.3'   │   'leveldown-v6.1.0'   │  'ws-v8.5.0'   │
│       debian9-64       │   'async-v3.2.3'   │ 'full-icu-test-v1.0.3' │ 'jest-v27.5.1' │
│     ubuntu1604-64      │  'winston-v3.6.0'  │                        │                │
│      rhel7-s390x       │  'undici-v4.15.1'  │                        │                │
│        osx1014         │                    │                        │                │
│      debian10-x64      │ 'socket.io-v4.4.1' │                        │                │
│ fedora-last-latest-x64 │   'async-v3.2.3'   │                        │                │
└────────────────────────┴────────────────────┴────────────────────────┴────────────────┘

Nothing spotted that is obviously related to the commits in this PR.

richardlau added a commit that referenced this pull request Mar 17, 2022
@richardlau richardlau merged commit cdb72ea into v12.x Mar 17, 2022
richardlau added a commit that referenced this pull request Mar 17, 2022
richardlau added a commit to richardlau/nodejs.org that referenced this pull request Mar 18, 2022
richardlau added a commit to richardlau/nodejs.org that referenced this pull request Mar 18, 2022
richardlau added a commit to nodejs/nodejs.org that referenced this pull request Mar 18, 2022
@richardlau richardlau deleted the v12.22.11-proposal branch March 18, 2022 01:31
xtx1130 pushed a commit to xtx1130/node that referenced this pull request Apr 25, 2022
This is a security release.

Notable changes:

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
- Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to
run CI tests.

PR-URL: nodejs#42363
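
Added example (not part of this pull request or of the Node.js code base): a check that reads the OpenSSL version a Node.js binary reports and says whether a 1.1.1-series build is at or past 1.1.1n, the release this update moves to for CVE-2022-0778. All function names are hypothetical, and any series other than 1.1.1 is reported as 'unknown' because this page does not cover it.

```javascript
'use strict';
// Added example, not Node.js project code; all function names are hypothetical.

// OpenSSL release this page names as carrying the CVE-2022-0778 fix.
const FIXED_SERIES = '1.1.1';
const FIXED_LETTER = 'n';

// Split a string such as "1.1.1n" or "1.1.1n+quic" (the shape reported in
// process.versions.openssl) into its numeric series and patch letter(s).
// Returns null when the string does not have that shape.
function parseOpenSSLVersion(version) {
  const m = /^(\d+\.\d+\.\d+)([a-z]*)(?:[+-].*)?$/.exec(String(version).trim());
  return m ? { series: m[1], letter: m[2] } : null;
}

// Patch letters sort as "" < "a" < ... < "z" < "za": shorter first, then
// alphabetically within the same length.
function compareLetters(a, b) {
  if (a.length !== b.length) return a.length - b.length;
  return a < b ? -1 : a > b ? 1 : 0;
}

// 'fixed'    : 1.1.1 series at or past 1.1.1n
// 'outdated' : 1.1.1 series before 1.1.1n
// 'unknown'  : unparseable, or a series this page says nothing about
function classifyOpenSSL(version) {
  const parsed = parseOpenSSLVersion(version);
  if (!parsed || parsed.series !== FIXED_SERIES) return 'unknown';
  return compareLetters(parsed.letter, FIXED_LETTER) >= 0 ? 'fixed' : 'outdated';
}

// Classify a runtime from its versions object (defaults to the running process).
function checkRuntime(versions = process.versions) {
  return {
    node: versions.node,
    openssl: versions.openssl,
    status: classifyOpenSSL(versions.openssl),
  };
}

// Report on the interpreter executing this file.
console.log(checkRuntime());
```

A version string cannot show fixes a distributor has backported, so for a Node.js binary linked against a system OpenSSL an 'outdated' result is a prompt to check the package changelog.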