Navigation:
Browse pkgsrc
(this page) 2024-03-07 18:07:43 by Adam Ciarcinski | Files touched by this commit (4) |  |
Log message: nodejs: updated to 21.7.0 Version 21.7.0 (Current) Text Styling Loading and parsing environment variables Support for multi-line values for .env file sea: support embedding assets vm: support using the default loader to handle dynamic import() crypto: implement crypto.hash() |
| 2024-02-14 22:15:56 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nodejs: updated to 21.6.2 Version 21.6.2 (Current) Notable changes CVE-2024-21892 - Code injection and privilege escalation through Linux \ capabilities- (High) CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk \ extension allows DoS attacks- (High) CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High) CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High) CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of \ the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) CVE-2024-21891 - Multiple permission model bypasses due to improper path \ traversal sequence sanitization - (Medium) CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and \ --allow-fs-write (Medium) CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli \ decoding - (Medium) undici version 5.28.3 libuv version 1.48.0 OpenSSL version 3.0.13+quic1 |
| 2024-01-25 18:11:34 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nodejs: updated to 21.6.1 Version 21.6.1 (Current) Notable Changes This release fixes a bug in undici using WebStreams |
| 2024-01-22 17:49:18 by Adam Ciarcinski | Files touched by this commit (31) |
Log message: nodejs16: removed; end-of-life |
| 2024-01-18 13:33:06 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nodejs: updated to 21.6.0 Version 21.6.0 (Current) New connection attempt events Changes to the Permission Model Support configurable snapshot through --build-snapshot-config flag timers: export timers.promises |
| 2023-12-30 17:15:13 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nodejs: updated to 21.5.0 Version 21.5.0 (Current) Notable Changes - (SEMVER-MINOR) deps: add simdjson (Yagiz Nizipli) - module: merge config with package_json_reader (Yagiz Nizipli) - src: move package resolver to c++ (Yagiz Nizipli) |
| 2023-12-07 13:23:23 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nodejs: updated to 21.4.0 Version 21.4.0 (Current) Notable Changes This release fixes a regression introduced in v21.3.0 that caused the \ fs.writeFileSync method to throw when called with 'utf8' encoding, no flag \ option, and if the target file didn't exist yet. |
| 2023-12-04 09:24:06 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: nodejs: updated to 21.3.0 Version 21.3.0 (Current) New --disable-warning flag Update Root Certificates to NSS 3.95 Fast fs.writeFileSync with UTF-8 Strings |
| 2023-11-23 17:57:37 by Jonathan Perkin | Files touched by this commit (5) |
Log message: nodejs*: Consolidate and fix python includes. Ensures that PYTHON_FOR_BUILD_ONLY is set prior to including pyversion.mk, and ensures python and its dependencies are not buildlinked. |
| 2023-11-22 17:30:23 by Jonathan Perkin | Files touched by this commit (1) |
Log message: nodejs: Switch PYTHON_FOR_BUILD_ONLY to "tool". Avoids problems where python is buildlinked, and buildlink dependencies of python ending up being available during the build but not registered as full dependencies, resulting in them potentially being unavailable at runtime. |
New packages: