Navigation:
Browse pkgsrc
(this page) 2017-10-31 19:52:44 by S.P.Zeidler | Files touched by this commit (2) |  |
Log message:
Pullup ticket #5593 - requested by sevan
lang/nodejs4: security update
Revisions pulled up:
- lang/nodejs4/Makefile 1.35
- lang/nodejs4/distinfo 1.30
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Oct 25 13:56:01 UTC 2017
Modified Files:
pkgsrc/lang/nodejs4: Makefile distinfo
Log message:
Update lang/nodejs4 to 4.8.5.
zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you cannot
recover from it, while on some versions it throws an exception.
Node.js will now gracefully set windowBits to 9 replicating the legacy
behavior to avoid a DOS vector.
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/lang/nodejs4/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/nodejs4/distinfo
|
New packages: