./lang/nodejs4, V8 JavaScript for clients and servers

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.8.4, Package name: nodejs-4.8.4, Maintainer: filip

Node.js is an evented I/O framework for the V8 JavaScript engine. It is
intended for writing scalable network programs such as web servers.

This package holds the 4.x LTS release.


Required to run:
[security/openssl] [lang/python27] [devel/libexecinfo] [lang/gcc48-libs]

Required to build:
[lang/gcc48] [sysutils/lockf] [pkgtools/cwrappers]

Package options: openssl

Master sites:

SHA1: f93917817c620c4314ba622a70af4c9565b11286
RMD160: 6ef96faf5f404d6f7d60b9db5d9491ac87fc9b68
Filesize: 22240.819 KB

Version history: (Expand)


CVS history: (Expand)


   2017-07-11 21:16:46 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.4.

- Disable V8 snapshots - The hashseed embedded in the snapshot is
  currently the same for all runs of the binary. This opens node up to
  collision attacks which could result in a Denial of Service. We have
  temporarily disabled snapshots until a more robust solution is found
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
  is used for parsing NAPTR responses, could be triggered to read memory
  outside of the given input buffer if the passed in DNS response packet
  was crafted in a particular way. This patch checks that there is
  enough data for the required elements of an NAPTR record (2 int16, 3
  bytes for string lengths) before processing a record.
   2017-05-03 13:43:39 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.3.

- module: The module loading global fallback to the Node executable's
  directory now works correctly on Windows.
- src: fix base64 decoding in rare edgecase
- tls: fix rare segmentation faults when using TLS
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-04-06 16:57:49 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.2.

- crypto: fix memory leak if certificate is revoked
- deps: upgrade zlib to 1.2.11
   2017-03-30 18:40:11 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.1.

- buffer: The performance of .toJSON() is now up to 2859% faster on
  average.
- IPC: Batched writes have been enabled for process IPC on platforms
  that support Unix Domain Sockets.
  - Performance gains may be up to 40% for some workloads.
- http: Control characters are now always rejected when using
  http.request().
- node: Heap statistics now support values larger than 4GB.
   2017-02-22 12:41:26 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.8.0.

Notable Changes

- child_process: add shell option to spawn()
- deps:
  - v8: expose statistics about heap spaces
- crypto:
  - add ALPN Support
  - allow adding extra certs to well-known CAs
- fs: add the fs.mkdtemp() function.
- process:
  - add externalMemory to process
  - add process.cpuUsage()
   2017-02-13 15:18:20 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.7.3.

Notable Changes

- deps: upgrade openssl sources to 1.0.2k
   2017-01-06 10:59:25 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update lang/nodejs4 to 4.7.2.

This is a special release that contains 0 commits. While promoting
additional platforms for v4.7.1 after the release, the tarballs on
the release server were overwritten and now have different shasums.
In order to remove any ambiguity around the release we have opted
to do a semver patch release with no changes.