commit nodejs for openSUSE:Factory

Wed, 23 Dec 2015 03:02:13 -0800 

Hello community,

here is the log from the commit of package nodejs for openSUSE:Factory checked 
in at 2015-12-23 12:01:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nodejs (Old)
 and      /work/SRC/openSUSE:Factory/.nodejs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "nodejs"

Changes:
--------
--- /work/SRC/openSUSE:Factory/nodejs/nodejs.changes    2015-11-17 
14:23:32.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs.new/nodejs.changes       2015-12-23 
12:01:50.000000000 +0100
@@ -1,0 +2,17 @@
+Wed Dec 16 03:16:04 UTC 2015 - [email protected]
+
+- update to 4.2.3
+  * http: Fix a bug where an HTTP socket may no longer have a socket
+    but a pipelined request triggers a pause or resume, a potential
+    denial-of-service vector
+  * openssl: Upgrade to 1.0.2e, containing fixes for:
+    + CVE-2015-3193 (boo#957814) "BN_mod_exp may produce incorrect
+      results on x86_64", an attack is considered feasible against a
+      Node.js TLS server using DHE key exchange
+    + CVE-2015-3194 (boo#957815) "Certificate verify crash with missing
+      PSS parameter", a potential denial-of-service vector for Node.js
+      TLS servers; TLS clients are also impacted
+  * v8: Backport fixes for a bug in JSON.stringify() that can result in
+    out-of-bounds reads for arrays.
+
+-------------------------------------------------------------------

Old:
----
  node-v4.2.2.tar.xz

New:
----
  node-v4.2.3.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nodejs.spec ++++++
--- /var/tmp/diff_new_pack.bZaU7n/_old  2015-12-23 12:01:51.000000000 +0100
+++ /var/tmp/diff_new_pack.bZaU7n/_new  2015-12-23 12:01:51.000000000 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           nodejs
-Version:        4.2.2
+Version:        4.2.3
 Release:        0
 Summary:        Evented I/O for V8 JavaScript
 License:        MIT

++++++ node-v4.2.2.tar.xz -> node-v4.2.3.tar.xz ++++++
/work/SRC/openSUSE:Factory/nodejs/node-v4.2.2.tar.xz 
/work/SRC/openSUSE:Factory/.nodejs.new/node-v4.2.3.tar.xz differ: char 26, line 
1

Reply via email to