Automatic update for nodejs-16.14.0-2.fc36.
* Wed Feb 9 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.14.0-2
- Replace explicit version of npm in %check with variable and make build fail if it doesn't match
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2022-130da47da4Please log in to add feedback.
This update was automatically created
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been submitted for stable by bodhi
I seem to be hitting the
ERR_OSSL_EVP_UNSUPPORTEDerror with16.14.0-2.fc36but since versions lower than 17 don't include--openssl-legacy-provideras an option, is there a recommended workaround for this since the changes are handled outside of this package, in theopensslone?You have the option to do
update-crypto-policies --set LEGACY, which will re-enable the unsupported algorithms, but a much better solution would be to fix the underlying code to use a secure algorithm instead. The most common offender is webpack, which can be addressed by adding the following config snippet:Note that
--openssl-legacy-providerwill probably not solve your issue. See https://www.redhat.com/en/blog/legacy-cryptography-fedora-36-and-red-hat-enterprise-linux-9 on the difference between the OpenSSL legacy provider and the LEGACY crypto-policy, and why the legacy provider is unlikely to be what you need.