Your message dated Thu, 01 May 2025 09:35:33 +0000
with message-id <e1uaqkl-000u1n...@fasolo.debian.org>
and subject line Bug#1076350: fixed in nodejs 20.19.0+dfsg1-1
has caused the Debian Bug report #1076350,
regarding Segfault with shared libuv on x86 (CVE-2025-47153)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1076350: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076350
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nodejs
Version: 18.19.0+dfsg-6~deb12u2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: syominser...@gmail.com
Hi!
I was trying to build from source package node-chai in Debian Bookworm i386.
And there was a failure. Now I will describe how to reproduce.
I created new virtual machine in VirtualBox 6.1 and installed Deban Bookworm
from debian-12.6.0-i386-DVD-1.iso I have earlier downloaded here:
https://cdimage.debian.org/debian-cd/current/i386/iso-dvd/
After installation (with no software groups selected) I configured apt sources:
deb http://deb.debian.org/debian bookworm contrib main non-free-firmware
deb-src http://deb.debian.org/debian bookworm contrib main non-free-firmware
deb http://deb.debian.org/debian-security/ bookworm-security contrib main
non-free-firmware
deb-src http://deb.debian.org/debian-security/ bookworm-security contrib main
non-free-firmware
deb http://deb.debian.org/debian bookworm-updates contrib main non-free-firmware
deb-src http://deb.debian.org/debian bookworm-updates contrib main
non-free-firmware
Then ran "apt update" and "apt upgrade".
Then I installed build deps of node-chai package with command "apt build-dep
node-chai".
Packages nodejs=18.19.0+dfsg-6~deb12u2 and node-browserify=17.0.0+ds-5 also
installed among build deps.
Then I downloaded sources of node-chai with "apt source node-chai".
I received version "4.3.7~ds1+~cs9.7.21-1" of node-chai.
Then I entered into dir with sources of node-chai and ran "dpkg-buildpackage
-uc -us". Build of package node-chai finished with error:
/usr/bin/make chai.js
make[2]: Entering directory '/root/node-chai-4.3.7~ds1+~cs9.7.21'
==> [Browser :: build]
make[2]: *** [Makefile:24: chai.js] Segmentation fault
Error also can be reproduced in current state with command:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# make chai.js
==> [Browser :: build]
make: *** [Makefile:24: chai.js] Segmentation fault
With --trace it is possible to see exact command that failed:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# make --trace chai.js
Makefile:23: update target 'chai.js' due to: node_modules lib/chai lib/chai.js
printf "==> [Browser :: build]\n"
==> [Browser :: build]
browserify \
--bare \
--outfile chai.js \
--standalone chai \
--entry index.js
make: *** [Makefile:24: chai.js] Segmentation fault
It is possible to run this command and see error:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# browserify \
--bare \
--outfile chai.js \
--standalone chai \
--entry index.js
Segmentation fault
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21#
Formally error in executable file /usr/bin/browserify belongs to package
node-browserify:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# which browserify
/usr/bin/browserify
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# dpkg -S
/usr/bin/browserify
node-browserify: /usr/bin/browserify
But this is node script:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# head -1
/usr/bin/browserify
#!/usr/bin/env node
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21#
So we actually see segfault error in /usr/bin/node executable belongs to nodejs
package:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# which node
/usr/bin/node
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# dpkg -S /usr/bin/node
nodejs: /usr/bin/node
So I think this error must be associated with package nodejs because node
executable must not fail with segfault in all cases.
Then I installed package systemd-coredump and opened coredump with debugger.
Here is backtrace:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# coredumpctl debug
PID: 11491 (node)
UID: 0 (root)
GID: 0 (root)
Signal: 11 (SEGV)
Timestamp: Sun 2024-07-14 00:22:31 MSK (6min ago)
Command Line: node /usr/bin/browserify --bare --outfile chai.js --standalone
chai --entry index.js
Executable: /usr/bin/node
Control Group: /user.slice/user-0.slice/session-1.scope
Unit: session-1.scope
Slice: user-0.slice
Session: 1
Owner UID: 0 (root)
Boot ID: f0baf372a3a342da9d1e80600e3c22b2
Machine ID: bb88a0eb919c40a690e344da5d477cfb
Hostname: debian-bookworm-i386
Storage:
/var/lib/systemd/coredump/core.node.0.f0baf372a3a342da9d1e80600e3c22b2.11491.1720905751000000.zst
(present)
Size on Disk: 5.2M
Message: Process 11491 (node) of user 0 dumped core.
Stack trace of thread 11491:
#0 0x00000000b5858507 _ZN4node2fs9FSReqBaseD1Ev
(libnode.so.108 + 0x858507)
#1 0x00000000b5871a4d _ZN4node2fs13FSReqCallbackD0Ev
(libnode.so.108 + 0x871a4d)
#2 0x00000000b584bc52
_ZN4node24MakeLibuvRequestCallbackI7uv_fs_sPFvPS1_EE7WrapperES2_
(libnode.so.108 + 0x84bc52)
#3 0x00000000b7cf7620 n/a (libuv.so.1 + 0x9620)
#4 0x00000000b7cfb24a n/a (libuv.so.1 + 0xd24a)
#5 0x00000000b7d1099b n/a (libuv.so.1 + 0x2299b)
#6 0x00000000b7cfbc83 uv_run (libuv.so.1 + 0xdc83)
#7 0x00000000b577424a
_ZN4node13SpinEventLoopEPNS_11EnvironmentE (libnode.so.108 + 0x77424a)
#8 0x00000000b58a185c
_ZN4node16NodeMainInstance3RunEPiPNS_11EnvironmentE (libnode.so.108 + 0x8a185c)
#9 0x00000000b58a1cb9 _ZN4node16NodeMainInstance3RunEv
(libnode.so.108 + 0x8a1cb9)
#10 0x00000000b5807951
_ZN4node22LoadSnapshotDataAndRunEPPKNS_12SnapshotDataEPKNS_20InitializationResultE
(libnode.so.108 + 0x807951)
#11 0x00000000b580b70e _ZN4node5StartEiPPc (libnode.so.108 +
0x80b70e)
#12 0x00000000004c5087 main (node + 0x1087)
#13 0x00000000b7d642d5 n/a (libc.so.6 + 0x232d5)
#14 0x00000000b7d64398 __libc_start_main (libc.so.6 + 0x23398)
#15 0x00000000004c50c7 _start (node + 0x10c7)
Stack trace of thread 11496:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b58ce222 n/a (libnode.so.108 + 0x8ce222)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11495:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b58ce222 n/a (libnode.so.108 + 0x8ce222)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11494:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b58ce222 n/a (libnode.so.108 + 0x8ce222)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11499:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b7cf6f5d n/a (libuv.so.1 + 0x8f5d)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11492:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e62bc3 epoll_wait (libc.so.6 + 0x121bc3)
#2 0x00000000b7d10c8e n/a (libuv.so.1 + 0x22c8e)
#3 0x00000000b7cfbc83 uv_run (libuv.so.1 + 0xdc83)
#4 0x00000000b58d3378
_ZZN4node23WorkerThreadsTaskRunner20DelayedTaskScheduler5StartEvENUlPvE_4_FUNES2_
(libnode.so.108 + 0x8d3378)
#5 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#6 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11493:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b58ce222 n/a (libnode.so.108 + 0x8ce222)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11500:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b7cf6f5d n/a (libuv.so.1 + 0x8f5d)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11497:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dd1912 n/a (libc.so.6 + 0x90912)
#4 0x00000000b7dd19bb n/a (libc.so.6 + 0x909bb)
#5 0x00000000b7d0a72b uv_sem_wait (libuv.so.1 + 0x1c72b)
#6 0x00000000b597f6e3 n/a (libnode.so.108 + 0x97f6e3)
#7 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#8 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11501:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b7cf6f5d n/a (libuv.so.1 + 0x8f5d)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
Stack trace of thread 11498:
#0 0x00000000b7f74559 __kernel_vsyscall (linux-gate.so.1 +
0x559)
#1 0x00000000b7e56bd2 n/a (libc.so.6 + 0x115bd2)
#2 0x00000000b7dc55b5 n/a (libc.so.6 + 0x845b5)
#3 0x00000000b7dc880e pthread_cond_wait (libc.so.6 + 0x8780e)
#4 0x00000000b7d0a69c uv_cond_wait (libuv.so.1 + 0x1c69c)
#5 0x00000000b7cf6f5d n/a (libuv.so.1 + 0x8f5d)
#6 0x00000000b7dc935d n/a (libc.so.6 + 0x8835d)
#7 0x00000000b7e64688 n/a (libc.so.6 + 0x123688)
ELF object binary architecture: Intel 80386
GNU gdb (Debian 13.1-3) 13.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/node...
(No debugging symbols found in /usr/bin/node)
[New LWP 11491]
[New LWP 11496]
[New LWP 11495]
[New LWP 11494]
[New LWP 11499]
[New LWP 11492]
[New LWP 11493]
[New LWP 11500]
[New LWP 11497]
[New LWP 11501]
[New LWP 11498]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Core was generated by `node /usr/bin/browserify --bare --outfile chai.js
--standalone chai --entry ind'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xb5858507 in node::fs::FSReqBase::~FSReqBase() () from
/lib/i386-linux-gnu/libnode.so.108
[Current thread is 1 (Thread 0xb7bac780 (LWP 11491))]
(gdb) bt
#0 0xb5858507 in node::fs::FSReqBase::~FSReqBase() () from
/lib/i386-linux-gnu/libnode.so.108
#1 0xb5871a4d in node::fs::FSReqCallback::~FSReqCallback() () from
/lib/i386-linux-gnu/libnode.so.108
#2 0xb584bc52 in node::MakeLibuvRequestCallback<uv_fs_s, void
(*)(uv_fs_s*)>::Wrapper(uv_fs_s*) () from /lib/i386-linux-gnu/libnode.so.108
#3 0xb7cf7620 in ?? () from /lib/i386-linux-gnu/libuv.so.1
#4 0xb7cfb24a in ?? () from /lib/i386-linux-gnu/libuv.so.1
#5 0xb7d1099b in ?? () from /lib/i386-linux-gnu/libuv.so.1
#6 0xb7cfbc83 in uv_run () from /lib/i386-linux-gnu/libuv.so.1
#7 0xb577424a in node::SpinEventLoop(node::Environment*) () from
/lib/i386-linux-gnu/libnode.so.108
#8 0xb58a185c in node::NodeMainInstance::Run(int*, node::Environment*) () from
/lib/i386-linux-gnu/libnode.so.108
#9 0xb58a1cb9 in node::NodeMainInstance::Run() () from
/lib/i386-linux-gnu/libnode.so.108
#10 0xb5807951 in node::LoadSnapshotDataAndRun(node::SnapshotData const**,
node::InitializationResult const*) () from /lib/i386-linux-gnu/libnode.so.108
#11 0xb580b70e in node::Start(int, char**) () from
/lib/i386-linux-gnu/libnode.so.108
#12 0x004c5087 in main ()
(gdb)
Then I installed valgrind and also ran browserify under valgrind:
root@debian-bookworm-i386:~/node-chai-4.3.7~ds1+~cs9.7.21# valgrind
--smc-check=all --read-var-info=yes --track-origins=yes --trace-children=yes
browserify --bare --outfile chai.js --standalone chai --entry index.js
==12019== Memcheck, a memory error detector
==12019== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==12019== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==12019== Command: /usr/bin/browserify --bare --outfile chai.js --standalone
chai --entry index.js
==12019==
==12019== Memcheck, a memory error detector
==12019== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==12019== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==12019== Command: /usr/bin/node /usr/bin/browserify --bare --outfile chai.js
--standalone chai --entry index.js
==12019==
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
--12019-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0x9b
==12019== Invalid read of size 4
==12019== at 0x50AF507: node::fs::FSReqBase::~FSReqBase() (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50C8A4C: node::fs::FSReqCallback::~FSReqCallback() (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50A2C51: node::MakeLibuvRequestCallback<uv_fs_s, void
(*)(uv_fs_s*)>::Wrapper(uv_fs_s*) (in /usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x761B61F: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x761F249: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x763499A: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x761FC82: uv_run (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x4FCB249: node::SpinEventLoop(node::Environment*) (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50F885B: node::NodeMainInstance::Run(int*,
node::Environment*) (in /usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50F8CB8: node::NodeMainInstance::Run() (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x505E950: node::LoadSnapshotDataAndRun(node::SnapshotData
const**, node::InitializationResult const*) (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x506270D: node::Start(int, char**) (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== Address 0x904 is not stack'd, malloc'd or (recently) free'd
==12019==
==12019==
==12019== Process terminating with default action of signal 11 (SIGSEGV)
==12019== at 0x74572E7: __pthread_kill_implementation (pthread_kill.c:44)
==12019== by 0x7406110: raise (raise.c:26)
==12019== by 0x505CF17: node::TrapWebAssemblyOrContinue(int, siginfo_t*,
void*) (in /usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x74061BF: ??? (in /usr/lib/i386-linux-gnu/libc.so.6)
==12019== by 0x50C8A4C: node::fs::FSReqCallback::~FSReqCallback() (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50A2C51: node::MakeLibuvRequestCallback<uv_fs_s, void
(*)(uv_fs_s*)>::Wrapper(uv_fs_s*) (in /usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x761B61F: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x761F249: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x763499A: ??? (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x761FC82: uv_run (in /usr/lib/i386-linux-gnu/libuv.so.1.0.0)
==12019== by 0x4FCB249: node::SpinEventLoop(node::Environment*) (in
/usr/lib/i386-linux-gnu/libnode.so.108)
==12019== by 0x50F885B: node::NodeMainInstance::Run(int*,
node::Environment*) (in /usr/lib/i386-linux-gnu/libnode.so.108)
==12019==
==12019== HEAP SUMMARY:
==12019== in use at exit: 7,635,016 bytes in 11,763 blocks
==12019== total heap usage: 114,126 allocs, 102,363 frees, 153,609,927 bytes
allocated
==12019==
==12019== LEAK SUMMARY:
==12019== definitely lost: 0 bytes in 0 blocks
==12019== indirectly lost: 0 bytes in 0 blocks
==12019== possibly lost: 1,520 bytes in 10 blocks
==12019== still reachable: 7,633,496 bytes in 11,753 blocks
==12019== suppressed: 0 bytes in 0 blocks
==12019== Rerun with --leak-check=full to see details of leaked memory
==12019==
==12019== For lists of detected and suppressed errors, rerun with: -s
==12019== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
JFYI. In Debian Bookworm amd64 it is imposible to reproduce problem in
described way.
-- System Information:
Debian Release: 12.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 6.1.0-22-686 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages nodejs depends on:
ii libc6 2.36-9+deb12u7
ii libnode108 18.19.0+dfsg-6~deb12u2
ii sse2-support 15.1
Versions of packages nodejs recommends:
ii ca-certificates 20230311
ii nodejs-doc 18.19.0+dfsg-6~deb12u2
Versions of packages nodejs suggests:
pn npm <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: nodejs
Source-Version: 20.19.0+dfsg1-1
Done: Jérémy Lal <kapo...@melix.org>
We believe that the bug you reported is fixed in the latest version of
nodejs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1076...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jérémy Lal <kapo...@melix.org> (supplier of updated nodejs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 01 May 2025 11:09:56 +0200
Source: nodejs
Architecture: source
Version: 20.19.0+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
<pkg-javascript-de...@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapo...@melix.org>
Closes: 922075 1076350
Changes:
nodejs (20.19.0+dfsg1-1) unstable; urgency=medium
.
* New repackaged upstream tarball includes deps/uv.
* Add missing changelogs to nodejs-doc
* Lintian: old-fsf-address-in-copyright-file
* watch: fix ada url to actually get current version
* copyright: document deps/uv
* Build bundled libuv on i386 architecture to fix CVE-2025-47153.
Closes: #922075, #1076350,
Checksums-Sha1:
439fffc35932c87ef3df7e2ad7799605736735e7 4391 nodejs_20.19.0+dfsg1-1.dsc
36d594cccc87915a298fccaa4f30843f6a7af2ec 274900
nodejs_20.19.0+dfsg1.orig-ada.tar.xz
4685a4731de0572faf85557a03c73b517c61ee7e 302416
nodejs_20.19.0+dfsg1.orig-types-node.tar.xz
f95c375504a37d9fcda562adc5ed64dec50b74b6 19899220
nodejs_20.19.0+dfsg1.orig.tar.xz
2e304613ebb394c662978bb113bc75bab514e2c7 158884
nodejs_20.19.0+dfsg1-1.debian.tar.xz
643b351d4fdd13935849a1a5b8c7bc7ce6e1f54c 10688
nodejs_20.19.0+dfsg1-1_source.buildinfo
Checksums-Sha256:
a0e11e0550d2b43ceb0461437f4a31f3442844c13b7f7852b0ed66964ed947bd 4391
nodejs_20.19.0+dfsg1-1.dsc
26deff017c505b316f2498aaf293c896f4ab92b5349b367cf21fe14fa2cbd1e1 274900
nodejs_20.19.0+dfsg1.orig-ada.tar.xz
65900324d2dda4d59ff1878c030224b0f293a6a4fb65af9369bb2b3784335e73 302416
nodejs_20.19.0+dfsg1.orig-types-node.tar.xz
4f36b18aa3ef2b17d30fb52f6f4cb91592949e9d7473590863f6646f55eab939 19899220
nodejs_20.19.0+dfsg1.orig.tar.xz
4e46ead4e101782ad765f2dcaacaaf35a5d61bcf4e9225fbbbb0baecc482a85b 158884
nodejs_20.19.0+dfsg1-1.debian.tar.xz
fc05efcc9889bd3439a1f03b082fea429455f07d2db0e33e319e3e88323a2372 10688
nodejs_20.19.0+dfsg1-1_source.buildinfo
Files:
ce5389646e67b755a12d322bc055f8df 4391 javascript optional
nodejs_20.19.0+dfsg1-1.dsc
fd9ff3be8b8b43905dd24c5af24aab16 274900 javascript optional
nodejs_20.19.0+dfsg1.orig-ada.tar.xz
c6a9ccfd7bbd95365b6b843ed20f5b38 302416 javascript optional
nodejs_20.19.0+dfsg1.orig-types-node.tar.xz
344a4ff18346ae817e1a9e2d5ff3ad82 19899220 javascript optional
nodejs_20.19.0+dfsg1.orig.tar.xz
8203423444d5be08f22fd02df51c2a4b 158884 javascript optional
nodejs_20.19.0+dfsg1-1.debian.tar.xz
456bf3a1806c2f18c1231f264b7dc3df 10688 javascript optional
nodejs_20.19.0+dfsg1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCAAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmgTOpYSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN02HkP/R3P2g+zTCDZrB7MrfwMn8DO1zL27H9a
NkH5+8SUYcnVuIczcLaW9aWfqT6+Oot6Lr/W2T24Rphd/nwbHkpyUI7GCAfWhifa
NHE0ckb7V3yeqVRS+pF9J4rwdyFWftt6/+nrRMU/dtBdQ4fRCYME6A36K33xttE2
iHpWfGEktWLhTEyxzd+D5um1rJ72FQ/05lQFsTPqntH8RHaLa4e2KEqvMcID9p8T
bNrRu4iYY2/3oc6NIcBIqFN01L4XcGERM8xwe91U5uwV8+KjONdx6Aem7M6kXEvt
vZu5TBx9uK+KeM2hzMvH1CBXJSavSfptpnr8v7KPBmtbSPgjJh2yww9Wz3lFc5FL
nN/Yan4kSUWHcCK8CUfVwAaaq/IBJZ/Qi02TLw9bwF248g/MXyS6MQLpbfXoY4ll
UD20oAcoNPb+Jhixeo8xY6IqM5vWq7Xuh+rKPEFVrCs4NMcVGw9WMDk5GRsne2FO
UjyNNDdPf8FdydMiaDzyH/V8IP8ppwl2g8g+2Jbe+4e2fA5inrtU5d/Zk/iNKr8E
jdwvt3BomLRujUto0pDLa0rrlHL/W/WiW+rGHASr8FQRClBlUJKRF5FrK1TBFlN+
C/dowHX2tFHt1rxhMGJ/TvwUozarvXHhAdpDHryQp3DA869+x04JSDDcUEwbmnoR
asTNoQDS7aWx
=LgeN
-----END PGP SIGNATURE-----
pgpzRjEHZtiBW.pgp
Description: PGP signature
--- End Message ---
