[pkgsrc/trunk]: pkgsrc/lang/nodejs12 nodejs12: updated to 12.22.7

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/nodejs12 nodejs12: updated to 12.22.7
From: adam <adam%pkgsrc.org@localhost>
Date: Wed, 20 Oct 2021 11:27:32 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/117b0cb71fe5
branches:  trunk
changeset: 768344:117b0cb71fe5
user:      adam <adam%pkgsrc.org@localhost>
date:      Wed Oct 20 10:27:17 2021 +0000

description:
nodejs12: updated to 12.22.7

Version 12.22.7 'Erbium' (LTS)

This is a security release.

Notable changes

CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after 
publication.
CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 
after publication.

diffstat:

 lang/nodejs12/Makefile |  5 ++---
 lang/nodejs12/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 7 deletions(-)

diffs (33 lines):

diff -r b4894079ab0f -r 117b0cb71fe5 lang/nodejs12/Makefile
--- a/lang/nodejs12/Makefile    Wed Oct 20 09:15:21 2021 +0000
+++ b/lang/nodejs12/Makefile    Wed Oct 20 10:27:17 2021 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.37 2021/09/29 19:00:08 adam Exp $
+# $NetBSD: Makefile,v 1.38 2021/10/20 10:27:17 adam Exp $
 
-DISTNAME=      node-v12.22.6
+DISTNAME=      node-v12.22.7
 EXTRACT_SUFX=  .tar.xz
 
 USE_LANGUAGES= c gnu++14
 
-PKGREVISION= 1
 .include "../../mk/bsd.prefs.mk"
 
 # XXX: figure out a way to add rpaths to torque
diff -r b4894079ab0f -r 117b0cb71fe5 lang/nodejs12/distinfo
--- a/lang/nodejs12/distinfo    Wed Oct 20 09:15:21 2021 +0000
+++ b/lang/nodejs12/distinfo    Wed Oct 20 10:27:17 2021 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.26 2021/10/07 14:21:02 nia Exp $
+$NetBSD: distinfo,v 1.27 2021/10/20 10:27:17 adam Exp $
 
-RMD160 (node-v12.22.6.tar.xz) = 1578f89347c4dbb7e0f94494995b69bd5c4b0e26
-SHA512 (node-v12.22.6.tar.xz) = d107f1ff7073d2db9f0198f14b0523870e9b262c71055de2e03fba54f87bc98a57dad43d902c0b349957df21de71dc066133d4831eb7eb07f4e548d0ac724fb2
-Size (node-v12.22.6.tar.xz) = 23664904 bytes
+RMD160 (node-v12.22.7.tar.xz) = 3ac959f37af003d7ab8bbf845609bdbc02c6024f
+SHA512 (node-v12.22.7.tar.xz) = 7697b409537114abf14a3847fffd8952fd35f54569bfa84ba527f231ac1defced5d11fe7bc39ff8ec7cccb282d584ff50a33bcbba16474c6a125808a29104222
+Size (node-v12.22.7.tar.xz) = 23661696 bytes
 SHA1 (patch-common.gypi) = a3fa3b5b974f910b3c8fea640ded4dca262e1ba8
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
 SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc Updated net/rabbitmq, lang/nodejs
Next by Date: [pkgsrc/trunk]: pkgsrc/devel/yarn yarn: updated 1.22.17
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated net/rabbitmq, lang/nodejs
Next by Thread: [pkgsrc/trunk]: pkgsrc/devel/yarn yarn: updated 1.22.17
Indexes:

Home | Main Index | Thread Index | Old Index