Update nodejs4 to 4.2.3 and nodejs to 5.1.1. - pkgsrc

diff options

author	fhajny <fhajny@pkgsrc.org>	2015-12-04 12:18:36 +0000
committer	fhajny <fhajny@pkgsrc.org>	2015-12-04 12:18:36 +0000
commit	c21a82e1994ee72af08b3c151d6dae9c6262344a (patch)
tree	e6780fc079e949bb2f582d0398cb50094aa15369 /security
parent	dce7063e168a7f63f3e6d855ead4241da3bc5b8b (diff)
download	pkgsrc-c21a82e1994ee72af08b3c151d6dae9c6262344a.tar.gz

Update nodejs4 to 4.2.3 and nodejs to 5.1.1.

Notable changes - http: Fix a bug where an HTTP socket may no longer have a socket but a pipelined request triggers a pause or resume, a potential denial-of-service vector. (Fedor Indutny) - openssl: Upgrade to 1.0.2e, containing fixes for: - CVE-2015-3193 "BN_mod_exp may produce incorrect results on x86_64", an attack is considered feasible against a Node.js TLS server using DHE key exchange. Details are available at http://openssl.org/news/secadv/20151203.txt. - CVE-2015-3194 "Certificate verify crash with missing PSS parameter", a potential denial-of-service vector for Node.js TLS servers; TLS clients are also impacted. Details are available at http://openssl.org/news/secadv/20151203.txt. (Shigeki Ohtsu) #4134 - v8: Backport fixes for a bug in JSON.stringify() that can result in out-of-bounds reads for arrays. (Ben Noordhuis)

Diffstat (limited to 'security')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: