[pkgsrc/trunk]: pkgsrc/lang/nodejs nodejs: updated to 14.4.0

To: source-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/nodejs nodejs: updated to 14.4.0
From: adam <adam%pkgsrc.org@localhost>
Date: Wed, 03 Jun 2020 10:01:48 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/10e58877cfcc
branches:  trunk
changeset: 433492:10e58877cfcc
user:      adam <adam%pkgsrc.org@localhost>
date:      Wed Jun 03 08:41:24 2020 +0000

description:
nodejs: updated to 14.4.0

Version 14.4.0 (Current)

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Commits

- crypto: update root certificates
- (SEMVER-MINOR) deps: update nghttp2 to 1.41.0
- (SEMVER-MINOR) http2: implement support for max settings entries
- napi: fix memory corruption vulnerability
- tls: emit session after verifying certificate
- tools: update certdata.txt

diffstat:

 lang/nodejs/Makefile |   5 ++---
 lang/nodejs/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diffs (35 lines):

diff -r 2fc8c651b0da -r 10e58877cfcc lang/nodejs/Makefile
--- a/lang/nodejs/Makefile      Wed Jun 03 08:40:21 2020 +0000
+++ b/lang/nodejs/Makefile      Wed Jun 03 08:41:24 2020 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.183 2020/06/02 08:22:45 adam Exp $
+# $NetBSD: Makefile,v 1.184 2020/06/03 08:41:24 adam Exp $
 
-DISTNAME=      node-v14.3.0
+DISTNAME=      node-v14.4.0
 EXTRACT_SUFX=  .tar.xz
 
 USE_LANGUAGES= c gnu++14
 
-PKGREVISION= 1
 .include "../../mk/bsd.prefs.mk"
 
 # XXX: figure out a way to add rpaths to torque
diff -r 2fc8c651b0da -r 10e58877cfcc lang/nodejs/distinfo
--- a/lang/nodejs/distinfo      Wed Jun 03 08:40:21 2020 +0000
+++ b/lang/nodejs/distinfo      Wed Jun 03 08:41:24 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.171 2020/05/20 06:58:35 adam Exp $
+$NetBSD: distinfo,v 1.172 2020/06/03 08:41:24 adam Exp $
 
-SHA1 (node-v14.3.0.tar.xz) = 5c83a27cf71559f8afdc30572f51860a3f900bca
-RMD160 (node-v14.3.0.tar.xz) = 0095c9ddf3890dfd6e3291cd734bddad04c1e6fe
-SHA512 (node-v14.3.0.tar.xz) = 3afcc430bad57150baa8d1c0e5ef0f64691ef6549a052be654a86313fe28f31e7fdfeea4d2b3993798a7141bc6d7b1642747d1bc2636139e2f2fd79441580148
-Size (node-v14.3.0.tar.xz) = 32985344 bytes
+SHA1 (node-v14.4.0.tar.xz) = 410b41fc6723af146914d1359ef2c19646d3bde2
+RMD160 (node-v14.4.0.tar.xz) = 830ab17bad8cbb9d04877216c157e86cb149c58f
+SHA512 (node-v14.4.0.tar.xz) = f1a7c788a8a149b942ec2b90a4314baaa5355c381029eda45002728ce7209925c016323b0ec1e0dfe2359fddb24f494df125805d0d266b738a333dcddb3f59c3
+Size (node-v14.4.0.tar.xz) = 33005312 bytes
 SHA1 (patch-common.gypi) = f0bd2962bf7c8466db24b35a35154897ecad6316
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
 SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3

Prev by Date: [pkgsrc/trunk]: pkgsrc/lang/perl5 perl5: updated to 5.30.3
Next by Date: [pkgsrc/trunk]: pkgsrc/graphics/freetype2 freetype2: updated to 2.10.2
Previous by Thread: [pkgsrc/trunk]: pkgsrc/lang/perl5 perl5: updated to 5.30.3
Next by Thread: [pkgsrc/trunk]: pkgsrc/graphics/freetype2 freetype2: updated to 2.10.2
Indexes:

Home | Main Index | Thread Index | Old Index