Package node: Information

    Source package: node
    Version: 22.22.2-alt1
    Build time:  Apr 17, 2026, 09:45 PM
    Category: Development/Tools
    Report package bug
    Home page: http://nodejs.org/
    License: MIT
    Summary: Evented I/O for V8 Javascript
    Description: 
    Node.js is a server-side JavaScript environment that uses an asynchronous
event-driven model.  Node's goal is to provide an easy way to build scalable
network programs.
    List of RPM packages built from this SRPM:
    node (riscv64)
    node-debuginfo (riscv64)
    node-devel (riscv64)
    node-doc (noarch)
    npm (noarch)
    Maintainer: Vitaly Lipatov
    List of contributors:
    Vitaly Lipatov
    Alexey Shabalin
    Pavel Skrylev
    Dmitriy Kulik
    Mikhail Pokidko
    Vitaly Kuznetsov
      1. /proc
      2. python3-devel
      3. python3-module-simplejson
      4. curl
      5. rpm-build-intro >= 2.1.14
      6. rpm-macros-features
      7. rpm-macros-nodejs
      8. libcares-devel >= 1.34.6
      9. gcc-c++
      10. zlib-devel >= 1.3.1
      11. libicu-devel >= 7.4
      12. gyp >= 0.18.3
      13. libnghttp2-devel >= 1.64.0
      14. libuv-devel >= 1.51.0
      15. libbrotli-devel
      16. openssl
      17. openssl-devel >= 3.0.15

    Last changed

    April 15, 2026 Vitaly Lipatov 22.22.2-alt1
    - new version 22.22.2 (with rpmrb script)
- set npm >= 10.9.7, libuv >= 1.51.0, c-ares >= 1.34.6
- set zlib >= 1.3.1, llhttp >= 9.3.0
- 22.22.0 fixed CVEs:
 + CVE-2025-59465: Add TLSSocket default error handler
 + CVE-2025-55132: Disable futimes when permission model is enabled
 + CVE-2025-55130: Require full read and write to symlink APIs
 + CVE-2025-59466: Rethrow stack overflow exceptions in async_hooks
 + CVE-2025-55131: Refactor unsafe buffer creation to remove zero-fill toggle
 + CVE-2026-21637: Route callback exceptions through error handlers
- 22.22.2 fixed CVEs:
 + CVE-2026-21637: Wrap SNICallback invocation in try/catch (High)
 + CVE-2026-21710: Use null prototype for headersDistinct/trailersDistinct (High)
 + CVE-2026-21713: Use timing-safe comparison in Web Cryptography HMAC (Medium)
 + CVE-2026-21714: Handle NGHTTP2_ERR_FLOW_CONTROL error code (Medium)
 + CVE-2026-21717: Test array index hash collision (Medium)
 + CVE-2026-21715: Add permission check to realpath.native (Low)
 + CVE-2026-21716: Include permission check on lib/fs/promises (Low)
    Sept. 22, 2025 Vitaly Lipatov 22.19.0-alt1
    - 2025-08-28, Version 22.19.0 'Jod' (LTS), @aduh95
- disable LTO on %ix86 (ALT bug 56065)
- set npm >= 10.9.3
    May 22, 2025 Vitaly Lipatov 22.16.0-alt1
    - 2025-05-21, Version 22.16.0 'Jod' (LTS), @aduh95
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v26.2.2
    Back to top