pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/lang/nodejs6

Module Name:    pkgsrc
Committed By:   fhajny
Date:           Tue Jul 11 19:10:32 UTC 2017

Modified Files:
        pkgsrc/lang/nodejs6: Makefile distinfo

Log Message:
Update lang/nodejs6 to 6.11.1.

- Disable V8 snapshots - The hashseed embedded in the snapshot is
  currently the same for all runs of the binary. This opens node up to
  collision attacks which could result in a Denial of Service. We have
  temporarily disabled snapshots until a more robust solution is found
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
  is used for parsing NAPTR responses, could be triggered to read memory
  outside of the given input buffer if the passed in DNS response packet
  was crafted in a particular way. This patch checks that there is
  enough data for the required elements of an NAPTR record (2 int16, 3
  bytes for string lengths) before processing a record.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/lang/nodejs6/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/nodejs6/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: pkgsrc/lang/nodejs6/Makefile
diff -u pkgsrc/lang/nodejs6/Makefile:1.12 pkgsrc/lang/nodejs6/Makefile:1.13
--- pkgsrc/lang/nodejs6/Makefile:1.12   Wed Jun  7 11:09:44 2017
+++ pkgsrc/lang/nodejs6/Makefile        Tue Jul 11 19:10:32 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.12 2017/06/07 11:09:44 fhajny Exp $
+# $NetBSD: Makefile,v 1.13 2017/07/11 19:10:32 fhajny Exp $
 
-DISTNAME=      node-v6.11.0
+DISTNAME=      node-v6.11.1
 
 .include "../../lang/nodejs/Makefile.common"
 .include "../../mk/bsd.pkg.mk"

Index: pkgsrc/lang/nodejs6/distinfo
diff -u pkgsrc/lang/nodejs6/distinfo:1.11 pkgsrc/lang/nodejs6/distinfo:1.12
--- pkgsrc/lang/nodejs6/distinfo:1.11   Wed Jun  7 11:09:44 2017
+++ pkgsrc/lang/nodejs6/distinfo        Tue Jul 11 19:10:32 2017
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.11 2017/06/07 11:09:44 fhajny Exp $
+$NetBSD: distinfo,v 1.12 2017/07/11 19:10:32 fhajny Exp $
 
-SHA1 (node-v6.11.0.tar.gz) = df31d0e4e2104b3a62342533af5fb879f321416b
-RMD160 (node-v6.11.0.tar.gz) = efc2d60ac3ce98897f3376707b972bf727bbe10c
-SHA512 (node-v6.11.0.tar.gz) = a298232f6393735f2d459eb23f78089dd7eb1bae4907dfe61b286ceb8f93d3131c2dd45f09643089d00e2a4bef0f35739c9c8984f88b34c0ab515793f38eda46
-Size (node-v6.11.0.tar.gz) = 26797030 bytes
+SHA1 (node-v6.11.1.tar.gz) = 6292aa058ec003e7633e56e714755f2a0e48eb9c
+RMD160 (node-v6.11.1.tar.gz) = de2731488a712e8caae1e39a809cee8f2544455a
+SHA512 (node-v6.11.1.tar.gz) = 72a622ed5b884ddfc467ca665c5ba0ed03093dff221664359fe5587f24c2c9a95775002089528fad56bdfafce2489c912638e68a7e10c74a730b07cbde28fab6
+Size (node-v6.11.1.tar.gz) = 26799657 bytes
 SHA1 (patch-common.gypi) = 5b3a50617358637a6f910de28bb5a14f037317a6
 SHA1 (patch-deps_cares_cares.gyp) = 2235eb44bc984fa2e745fdf1786f1ae6de6ef80f
 SHA1 (patch-deps_npm_node__modules_node-gyp_gyp_pylib_gyp_generator_make.py) = 78d6ddd37ae30e869e0da666a78baad86a638c50
Home | Main Index | Thread Index | Old Index