pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang/nodejs
Module Name: pkgsrc
Committed By: adam
Date: Tue Jul 6 07:05:40 UTC 2021
Modified Files:
pkgsrc/lang/nodejs: Makefile distinfo
Log Message:
nodejs: updated to 14.17.3
Version 14.17.3 'Fermium' (LTS)
Notable Changes
Node.js 14.17.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows
installer.
Version 14.17.2 'Fermium' (LTS)
This is a security release.
Notable Changes
Vulnerabilities fixed:
CVE-2021-22918: libuv upgrade - Out of bounds read (Medium)
Node.js is vulnerable to out-of-bounds read in libuv's uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node's dns module's lookup() function and can lead to
information disclosures or crashes. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium)
Node.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory
allows an attacker to perform two different escalation attacks: PATH and DLL hijacking. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22921
To generate a diff of this commit:
cvs rdiff -u -r1.216 -r1.217 pkgsrc/lang/nodejs/Makefile
cvs rdiff -u -r1.198 -r1.199 pkgsrc/lang/nodejs/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/nodejs/Makefile
diff -u pkgsrc/lang/nodejs/Makefile:1.216 pkgsrc/lang/nodejs/Makefile:1.217
--- pkgsrc/lang/nodejs/Makefile:1.216 Thu Jun 24 09:29:21 2021
+++ pkgsrc/lang/nodejs/Makefile Tue Jul 6 07:05:39 2021
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.216 2021/06/24 09:29:21 adam Exp $
+# $NetBSD: Makefile,v 1.217 2021/07/06 07:05:39 adam Exp $
-DISTNAME= node-v14.17.1
+DISTNAME= node-v14.17.3
EXTRACT_SUFX= .tar.xz
USE_LANGUAGES= c gnu++14
Index: pkgsrc/lang/nodejs/distinfo
diff -u pkgsrc/lang/nodejs/distinfo:1.198 pkgsrc/lang/nodejs/distinfo:1.199
--- pkgsrc/lang/nodejs/distinfo:1.198 Thu Jun 24 09:29:21 2021
+++ pkgsrc/lang/nodejs/distinfo Tue Jul 6 07:05:39 2021
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.198 2021/06/24 09:29:21 adam Exp $
+$NetBSD: distinfo,v 1.199 2021/07/06 07:05:39 adam Exp $
-SHA1 (node-v14.17.1.tar.xz) = c96b0ccc7b69dec45599c7614099079d87035794
-RMD160 (node-v14.17.1.tar.xz) = e46ea519532f7e4486389290d9a9d8926c2b37fd
-SHA512 (node-v14.17.1.tar.xz) = 354f9f215a4915ca3dbccdbb90c14fb8bfb8b0ed8ece4f95106d7b068affdeab65a79db0beb2c7d6af03dc15567edc5250629deedd38a9de7d581f76716315f8
-Size (node-v14.17.1.tar.xz) = 33580416 bytes
+SHA1 (node-v14.17.3.tar.xz) = 248ddc0f050c7fc1396f2d2e83a503a64b4e0eaa
+RMD160 (node-v14.17.3.tar.xz) = 5f392a980922dfab4b608ab010bea572e07885b8
+SHA512 (node-v14.17.3.tar.xz) = c6096715299f155b96df873976da91e854da7e99cde635cdb65d5c962abc5283dac86b8ddce4f5a9f7498f9793ff08943645b5e5b0b23395dfe035f7295218bb
+Size (node-v14.17.3.tar.xz) = 33585080 bytes
SHA1 (patch-common.gypi) = f0bd2962bf7c8466db24b35a35154897ecad6316
SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3
@@ -16,11 +16,9 @@ SHA1 (patch-deps_v8_src_base_platform_se
SHA1 (patch-deps_v8_src_codegen_arm_cpu-arm.cc) = 84c75d61bc99c2ff9adeac3152f5b11ebb0e582b
SHA1 (patch-deps_v8_src_common_globals.h) = 86637724864389f2b24251904de41669a2f00fbc
SHA1 (patch-deps_v8_src_compiler_types.h) = 2a212282ab9d71e98ae56827fdb1d9778a6047a5
-SHA1 (patch-deps_v8_src_objects_js-list-format.cc) = b1acf2f9890f04aba58f82012528f9a425751896
SHA1 (patch-deps_v8_src_zone_zone.h) = 651b49d242dac8f713cccc101147ccf61f828ecb
SHA1 (patch-deps_v8_tools_run-llprof.sh) = 39aa3faf77492ef8dd35b411b7b0e4605b469af3
SHA1 (patch-node.gypi) = 4a104dba6c22702211009bc60a6be6f87554e2fa
-SHA1 (patch-src_cares__wrap.h) = 6eeb5397daaa1255a09f7e36cfd1724c395bd4b2
SHA1 (patch-src_inspector__agent.cc) = 2ec2a7be459648700488096f467a4ae6af5a9d91
SHA1 (patch-src_node__postmortem__metadata.cc) = 9938482d724ad6636af5dc3fa719ec26ed8539ff
SHA1 (patch-tools_gyp_pylib_gyp_generator_make.py) = 34d4f113d85b4502bc8240fac50dc37554ab4ebb
Home |
Main Index |
Thread Index |
Old Index