pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/lang/nodejs10 nodejs10: updated to 10.19.0



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bc4b13b1aa44
branches:  trunk
changeset: 411187:bc4b13b1aa44
user:      adam <adam%pkgsrc.org@localhost>
date:      Fri Feb 07 09:50:36 2020 +0000

description:
nodejs10: updated to 10.19.0

Version 10.19.0 'Dubnium' (LTS):

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with 
the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

diffstat:

 lang/nodejs10/Makefile |   4 ++--
 lang/nodejs10/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (30 lines):

diff -r 128f0542e59d -r bc4b13b1aa44 lang/nodejs10/Makefile
--- a/lang/nodejs10/Makefile    Fri Feb 07 08:39:32 2020 +0000
+++ b/lang/nodejs10/Makefile    Fri Feb 07 09:50:36 2020 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.3 2020/01/24 18:57:09 adam Exp $
+# $NetBSD: Makefile,v 1.4 2020/02/07 09:50:36 adam Exp $
 
-DISTNAME=      node-v10.18.1
+DISTNAME=      node-v10.19.0
 
 USE_LANGUAGES= c gnu++14
 
diff -r 128f0542e59d -r bc4b13b1aa44 lang/nodejs10/distinfo
--- a/lang/nodejs10/distinfo    Fri Feb 07 08:39:32 2020 +0000
+++ b/lang/nodejs10/distinfo    Fri Feb 07 09:50:36 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.3 2020/01/24 18:57:09 adam Exp $
+$NetBSD: distinfo,v 1.4 2020/02/07 09:50:36 adam Exp $
 
-SHA1 (node-v10.18.1.tar.gz) = 272a6c0377e8cf6759407af14f9f39de393cdb51
-RMD160 (node-v10.18.1.tar.gz) = 6b03617ef1df6962e455311bae3c3b93cecc1dc7
-SHA512 (node-v10.18.1.tar.gz) = df8f1e58c645c457b6a271f3ed532020bc2420c97b80cb60dffcef9d1fd45a59234820d730b7ccb9d1fa764b1d3e68c69cafd415a5505de806677a91765b8176
-Size (node-v10.18.1.tar.gz) = 46995278 bytes
+SHA1 (node-v10.19.0.tar.gz) = eb57b9bd5db653a0c5de587f88491d1188650534
+RMD160 (node-v10.19.0.tar.gz) = d91870e2d10afe83a7f28bc9072af01d972ee979
+SHA512 (node-v10.19.0.tar.gz) = 59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565
+Size (node-v10.19.0.tar.gz) = 46995598 bytes
 SHA1 (patch-common.gypi) = de37949f38d9bd39a18b59d59ec74e528bd323ac
 SHA1 (patch-configure.py) = 0d5c5fb3b4f2618c15f96080b590baf6bde66391
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32



Home | Main Index | Thread Index | Old Index