Navigation:
Browse pkgsrc
(this page) 2019-12-09 21:05:41 by Adam Ciarcinski | Files touched by this commit (27) |  |
Log message: nodejs: added version 12.13.1, removed version 6.14.3 Moved nodejs to nodejs10 - version 10.17.0 Version 12.13.1 'Erbium' (LTS): Notable changes Experimental support for building Node.js with Python 3 is improved. ICU time zone data is updated to version 2019c. This fixes the date offset in Brazil. |
| 2018-08-16 15:40:26 by Filip Hajny | Files touched by this commit (2) |
Log message: lang/nodejs6: Update to 6.14.4. - buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2 encoding (CVE-2018-12115) |
| 2018-06-14 12:52:33 by Filip Hajny | Files touched by this commit (2) |
Log message: lang/nodejs6: Update to 6.14.3. - buffer (CVE-2018-7167): Fixes Denial of Service vulnerability where calling Buffer.fill() could hang |
| 2018-05-12 10:59:56 by Filip Hajny | Files touched by this commit (12) |
Log message: lang/nodejs: Use pkgsrc http-parser, libuv, libcares instead of bundled versions. Switch back to bundled nghttp2 on lang/nodejs to reconcile a conflict of OpenSSL versions. |
| 2018-05-04 16:28:32 by Filip Hajny | Files touched by this commit (4) |
Log message: lang/nodejs*: Provide bl3 to nodejs packages to provide headers. |
| 2018-05-03 23:12:23 by Filip Hajny | Files touched by this commit (4) |
Log message:
lang/nodejs{6,8}: Decouple respective options.mk from main package.
|
| 2018-05-03 12:29:16 by Filip Hajny | Files touched by this commit (3) |
Log message: lang/nodejs6: Update to 6.14.2. - n-api has been backported to v6.x. It is being landed as an experimental interface, and as such is landing in a Semver-Patch release. |
| 2018-05-02 18:33:03 by Filip Hajny | Files touched by this commit (16) |
Log message: lang/nodejs*: Remove the npm package manager from nodejs packages. Introduce \ nodeversion.mk framework to pick and depend on one of the supported nodejs \ version packages. Bump respective PKGREVISIONs. |
| 2018-04-04 12:35:55 by Filip Hajny | Files touched by this commit (2) |
Log message: lang/nodejs6: Update to 6.14.1. Fixes for the following CVEs are included in this release: - CVE-2018-7158 - CVE-2018-7159 - CVE-2018-7160 Notable Changes - Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A malicious website could use a DNS rebinding attack to trick a web browser to bypass same-origin-policy checks and allow HTTP connections to localhost or to hosts on the local network, potentially to an open inspector port as a debugger, therefore gaining full code execution access. The inspector now only allows connections that have a browser Host value of localhost or localhost6. - Fix for 'path' module regular expression denial of service (CVE-2018-7158): A regular expression used for parsing POSIX paths could be used to cause a denial of service if an attacker were able to have a specially crafted path string passed through one of the impacted 'path' module functions. - Reject spaces in HTTP Content-Length header values (CVE-2018-7159): The Node.js HTTP parser allowed for spaces inside Content-Length header values. Such values now lead to rejected connections in the same way as non-numeric values. - Update root certificates: 5 additional root certificates have been added to the Node.js binary and 30 have been removed. |
| 2018-03-07 12:45:48 by Filip Hajny | Files touched by this commit (2) |
Log message: lang/nodejs6: Update to 6.13.1. http, tls: - better support for IPv6 addresses |
New packages: