diff options
| author | fhajny <fhajny@pkgsrc.org> | 2015-12-04 12:18:36 +0000 |
|---|---|---|
| committer | fhajny <fhajny@pkgsrc.org> | 2015-12-04 12:18:36 +0000 |
| commit | c21a82e1994ee72af08b3c151d6dae9c6262344a (patch) | |
| tree | e6780fc079e949bb2f582d0398cb50094aa15369 /math | |
| parent | dce7063e168a7f63f3e6d855ead4241da3bc5b8b (diff) | |
| download | pkgsrc-c21a82e1994ee72af08b3c151d6dae9c6262344a.tar.gz | |
Update nodejs4 to 4.2.3 and nodejs to 5.1.1.
Notable changes
- http: Fix a bug where an HTTP socket may no longer have a socket
but a pipelined request triggers a pause or resume, a potential
denial-of-service vector. (Fedor Indutny)
- openssl: Upgrade to 1.0.2e, containing fixes for:
- CVE-2015-3193 "BN_mod_exp may produce incorrect results on x86_64",
an attack is considered feasible against a Node.js TLS server
using DHE key exchange. Details are available at
http://openssl.org/news/secadv/20151203.txt.
- CVE-2015-3194 "Certificate verify crash with missing PSS parameter",
a potential denial-of-service vector for Node.js TLS servers; TLS
clients are also impacted. Details are available at
http://openssl.org/news/secadv/20151203.txt. (Shigeki Ohtsu) #4134
- v8: Backport fixes for a bug in JSON.stringify() that can result in
out-of-bounds reads for arrays. (Ben Noordhuis)
Diffstat (limited to 'math')
0 files changed, 0 insertions, 0 deletions