pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/lang/nodejs12 nodejs12: updated to 12.15.0



details:   https://anonhg.NetBSD.org/pkgsrc/rev/51882c14a1f0
branches:  trunk
changeset: 411188:51882c14a1f0
user:      adam <adam%pkgsrc.org@localhost>
date:      Fri Feb 07 09:51:09 2020 +0000

description:
nodejs12: updated to 12.15.0

Version 12.15.0 'Erbium' (LTS):

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with 
the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

diffstat:

 lang/nodejs12/Makefile |   5 ++---
 lang/nodejs12/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diffs (31 lines):

diff -r bc4b13b1aa44 -r 51882c14a1f0 lang/nodejs12/Makefile
--- a/lang/nodejs12/Makefile    Fri Feb 07 09:50:36 2020 +0000
+++ b/lang/nodejs12/Makefile    Fri Feb 07 09:51:09 2020 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.5 2020/01/24 18:55:49 adam Exp $
+# $NetBSD: Makefile,v 1.6 2020/02/07 09:51:09 adam Exp $
 
-DISTNAME=      node-v12.14.1
-PKGREVISION=   1
+DISTNAME=      node-v12.15.0
 
 USE_LANGUAGES= c gnu++14
 
diff -r bc4b13b1aa44 -r 51882c14a1f0 lang/nodejs12/distinfo
--- a/lang/nodejs12/distinfo    Fri Feb 07 09:50:36 2020 +0000
+++ b/lang/nodejs12/distinfo    Fri Feb 07 09:51:09 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.4 2020/01/24 18:55:49 adam Exp $
+$NetBSD: distinfo,v 1.5 2020/02/07 09:51:09 adam Exp $
 
-SHA1 (node-v12.14.1.tar.gz) = ebf6b7769a53a135381e53bac756808f0d6db993
-RMD160 (node-v12.14.1.tar.gz) = 916e3a53c9c60bffd1549b2c0607dba0d9864e02
-SHA512 (node-v12.14.1.tar.gz) = ded6f0d9600c77b87537227e0a803f1ead462ab8dc7293641c92da43aa43dcc7dc330e46f384864b953f903d7926f77cbc6223a7898bc6162570a34ad29e0cee
-Size (node-v12.14.1.tar.gz) = 51838191 bytes
+SHA1 (node-v12.15.0.tar.gz) = a5cf078761723aaaa92f5db0cecc50548bee84b5
+RMD160 (node-v12.15.0.tar.gz) = a160fa2e79f71ab82e1b40649e89a05455f22e88
+SHA512 (node-v12.15.0.tar.gz) = b1c5412b27b85e286f7f5e6758f30659655f18570e9b114d6743cea98e902297f0bd591ffe36e2a4483a3b9e5138f5f82f5975131eaab72495a477f960b938e0
+Size (node-v12.15.0.tar.gz) = 51845369 bytes
 SHA1 (patch-common.gypi) = de37949f38d9bd39a18b59d59ec74e528bd323ac
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
 SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3



Home | Main Index | Thread Index | Old Index