-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/03/2015 08:06 AM, Zuzana Svetlikova wrote: > There is a CVE, I am not sure if we have the fixed sources > already. > > https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/ > > OK, looking into it, it seems that they haven't released the updated packages or actually lifted the embargo yet. I'll keep an eye on it.
Thanks for the heads-up. > > ----- Original Message ----- From: "Tom Hughes" <t...@compton.nu> > To: "Node.js on Fedora" <nodejs@lists.fedoraproject.org> Sent: > Thursday, December 3, 2015 1:55:29 AM Subject: Re: Plans for > Node.js > > On 02/12/15 17:04, Stephen Gallagher wrote: > >> Should be all set now. Thanks for catching that. > > So current status of the binary modules is as follows. Firstly ones > that were using nan v2 and have been rebuilt successfully in the > side tag: > > nodejs-fs-ext nodejs-gdal nodejs-iconv nodejs-node-expat > nodejs-sqlite3 nodejs-zipfile > > Ones which have been updated to new upstream releases and/or > patches from upstream and built in the side tag: > > nodejs-i2c nodejs-libxmljs > > One where work is still needed: > > nodejs-node-stringprep has a patch on github but the comments > suggest it still has issues so it will need more investigation. > > nodejs-mapnik is mine, and will need to be updated, but that needs > an update to mapnik 3 which I am currently working on in a copr. > > nodejs-pg - this is very out of date, and is now noarch with the > optional C bindings in the libpq module. I think there are also a > number of new dependencies that will need packaging. > > Tom > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlZgP78ACgkQeiVVYja6o6NnLACfQN6rH8jj8EDukIkd1yd+wmzE 2uYAnj971hCezQRkOkowQeX+sIU8KZ06 =oVnH -----END PGP SIGNATURE----- _______________________________________________ nodejs mailing list nodejs@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/nodejs@lists.fedoraproject.org
