[MEDIUM] Patch nodejs for CVE-2025-23165 CVE-2025-23166 (#13901)

Author: aninda-al

SPECS/nodejs/CVE-2025-23165.patch

@@ -0,0 +1,28 @@
+From 3badbd012233828132ec938253ed40a7854fd65c Mon Sep 17 00:00:00 2001
+From: Aninda <v-anipradhan@microsoft.com>
+Date: Sat, 24 May 2025 11:03:53 -0400
+Subject: [PATCH] Address CVE-2025-23165
+Upstream Patch Reference: https://github.com/nodejs/node/commit/9e13bf0a81e15c7b3a9f1826dccbcea991d7e63a
+
+---
+ src/node_file.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/node_file.cc b/src/node_file.cc
+index 0ec5c6f4..ba69879b 100644
+--- a/src/node_file.cc
++++ b/src/node_file.cc
+@@ -2609,9 +2609,9 @@ static void ReadFileUtf8(const FunctionCallbackInfo<Value>& args) {
+     FS_SYNC_TRACE_END(open);
+     if (req.result < 0) {
+       uv_fs_req_cleanup(&req);
+-      // req will be cleaned up by scope leave.
+       return env->ThrowUVException(req.result, "open", nullptr, path.out());
+     }
++    uv_fs_req_cleanup(&req);
+   }
+ 
+   auto defer_close = OnScopeLeave([file, is_fd, &req]() {
+-- 
+2.34.1
+