[pkgsrc/trunk]: pkgsrc/lang/nodejs nodejs: updated to 13.8.0

[adam <adam%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/c0891ebe3936
branches:  trunk
changeset: 422953:c0891ebe3936
user:      adam <adam%pkgsrc.org@localhost>
date:      Fri Feb 07 09:51:53 2020 +0000

description:
nodejs: updated to 13.8.0

Version 13.8.0 (Current):

Notable Changes

This is a security release.

Vulnerabilities fixed:

CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with 
the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

diffstat:

 lang/nodejs/Makefile |   4 ++--
 lang/nodejs/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (30 lines):

diff -r f10a8fa27031 -r c0891ebe3936 lang/nodejs/Makefile
--- a/lang/nodejs/Makefile      Fri Feb 07 09:51:09 2020 +0000
+++ b/lang/nodejs/Makefile      Fri Feb 07 09:51:53 2020 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.169 2020/01/24 18:52:20 adam Exp $
+# $NetBSD: Makefile,v 1.170 2020/02/07 09:51:53 adam Exp $
 
-DISTNAME=      node-v13.7.0
+DISTNAME=      node-v13.8.0
 
 USE_LANGUAGES= c gnu++14
 
diff -r f10a8fa27031 -r c0891ebe3936 lang/nodejs/distinfo
--- a/lang/nodejs/distinfo      Fri Feb 07 09:51:09 2020 +0000
+++ b/lang/nodejs/distinfo      Fri Feb 07 09:51:53 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.160 2020/01/24 18:52:20 adam Exp $
+$NetBSD: distinfo,v 1.161 2020/02/07 09:51:53 adam Exp $
 
-SHA1 (node-v13.7.0.tar.gz) = e5da933b16bd8760a21900877b1f1b44a0920b80
-RMD160 (node-v13.7.0.tar.gz) = b13d08312ff913665fcc664fc080296e0af9f125
-SHA512 (node-v13.7.0.tar.gz) = 0d05af7779f20665ade23a9180dad80920f0b81fc02de7b84b36ad0131fd339e6c6cdd74542c320345a958658584a14a669491ac1ad686407ee0ac9621b694f5
-Size (node-v13.7.0.tar.gz) = 61265413 bytes
+SHA1 (node-v13.8.0.tar.gz) = 4eefd1ed195d7446f5f697043082451f0cf1b06c
+RMD160 (node-v13.8.0.tar.gz) = c502a851e50bb697ecae2b856eff3375c369187c
+SHA512 (node-v13.8.0.tar.gz) = b8febc77c7b0e927f6db4f2c0833012338bf7b741b99dac5bce2da41373dad3a97f1bf1bb18d138ee7489fbb7db2dc7d50c25ad5659bd0b249479dbbf6275c3e
+Size (node-v13.8.0.tar.gz) = 61269370 bytes
 SHA1 (patch-common.gypi) = f0bd2962bf7c8466db24b35a35154897ecad6316
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
 SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3