NOTICE: This package has been removed from pkgsrc

./lang/nodejs4, V8 JavaScript for clients and servers

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]


Branch: CURRENT, Version: 4.8.6, Package name: nodejs-4.8.6, Maintainer: filip

Node.js is an evented I/O framework for the V8 JavaScript engine. It is
intended for writing scalable network programs such as web servers.

This package holds the 4.x LTS release.


Required to run:
[security/openssl] [lang/python27]

Required to build:
[pkgtools/cwrappers]

Package options: openssl

Master sites:

SHA1: 78793cbb2c88865468ac09aae0a0de0b4477b627
RMD160: 9427cb8c7a65e537101c1fc0780619c4536b1f76
Filesize: 22318.063 KB

Version history: (Expand)


CVS history: (Expand)


   2017-11-08 19:46:37 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.6.

crypto:
- update root certificates

deps:
- add support for more modern versions of INTL
- upgrade openssl sources to 1.0.2m
   2017-10-25 15:56:01 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.5.

zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
  error to be raised when a raw deflate stream is initialized with
  windowBits set to 8. On some versions this crashes Node and you cannot
  recover from it, while on some versions it throws an exception.
  Node.js will now gracefully set windowBits to 9 replicating the legacy
  behavior to avoid a DOS vector.
   2017-09-18 11:53:40 by Maya Rashish | Files touched by this commit (676)
Log message:
revbump for requiring ICU 59.x
   2017-07-11 21:16:46 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.4.

- Disable V8 snapshots - The hashseed embedded in the snapshot is
  currently the same for all runs of the binary. This opens node up to
  collision attacks which could result in a Denial of Service. We have
  temporarily disabled snapshots until a more robust solution is found
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
  is used for parsing NAPTR responses, could be triggered to read memory
  outside of the given input buffer if the passed in DNS response packet
  was crafted in a particular way. This patch checks that there is
  enough data for the required elements of an NAPTR record (2 int16, 3
  bytes for string lengths) before processing a record.
   2017-05-03 13:43:39 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.3.

- module: The module loading global fallback to the Node executable's
  directory now works correctly on Windows.
- src: fix base64 decoding in rare edgecase
- tls: fix rare segmentation faults when using TLS
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-04-06 16:57:49 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.2.

- crypto: fix memory leak if certificate is revoked
- deps: upgrade zlib to 1.2.11
   2017-03-30 18:40:11 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.1.

- buffer: The performance of .toJSON() is now up to 2859% faster on
  average.
- IPC: Batched writes have been enabled for process IPC on platforms
  that support Unix Domain Sockets.
  - Performance gains may be up to 40% for some workloads.
- http: Control characters are now always rejected when using
  http.request().
- node: Heap statistics now support values larger than 4GB.