CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Filip Hajny" <fhajny%netbsd.org@localhost>
Date: Fri, 4 Dec 2015 12:18:36 +0000

Module Name:    pkgsrc
Committed By:   fhajny
Date:           Fri Dec  4 12:18:36 UTC 2015

Modified Files:
        pkgsrc/lang/nodejs: Makefile distinfo
        pkgsrc/lang/nodejs4: Makefile distinfo

Log Message:
Update nodejs4 to 4.2.3 and nodejs to 5.1.1.

Notable changes

- http: Fix a bug where an HTTP socket may no longer have a socket
  but a pipelined request triggers a pause or resume, a potential
  denial-of-service vector. (Fedor Indutny)
- openssl: Upgrade to 1.0.2e, containing fixes for:
  - CVE-2015-3193 "BN_mod_exp may produce incorrect results on x86_64",
    an attack is considered feasible against a Node.js TLS server
    using DHE key exchange. Details are available at
    http://openssl.org/news/secadv/20151203.txt.
  - CVE-2015-3194 "Certificate verify crash with missing PSS parameter",
    a potential denial-of-service vector for Node.js TLS servers; TLS
    clients are also impacted. Details are available at
    http://openssl.org/news/secadv/20151203.txt. (Shigeki Ohtsu) #4134
- v8: Backport fixes for a bug in JSON.stringify() that can result in
  out-of-bounds reads for arrays. (Ben Noordhuis)


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/lang/nodejs/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/lang/nodejs/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/nodejs4/Makefile \
    pkgsrc/lang/nodejs4/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/devel/pkg-config
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/devel/pkg-config
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index