File _patchinfo of Package patchinfo.4144

<patchinfo incident="4144">
  <issue id="1022086" tracker="bnc">VUL-1: CVE-2017-3732: openssl: BN_mod_exp may produce incorrect results on x86_64</issue>
  <issue id="1022085" tracker="bnc">VUL-0: CVE-2017-3731: openssl: Truncated packet could crash via OOB read</issue>
  <issue id="1009528" tracker="bnc">VUL-1: CVE-2016-7055: openssl: Montgomery multiplication may produce incorrect results</issue>
  <issue id="2016-7055" tracker="cve" />
  <issue id="2017-3731" tracker="cve" />
  <issue id="2017-3732" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>adamm</packager>
  <description>
This update for nodejs6 fixes the following issues:

New upstream LTS release 6.9.5.

The embedded openssl sources were updated to 1.0.2k (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055, bsc#1022085, bsc#1022086, bsc#1009528)

Other fixes:
- Add basic check that Node.js loads successfully to spec file

- New upstream LTS release 6.9.3
  * build: shared library support is now working for AIX builds
  * deps/npm: upgrade npm to 3.10.10
  * deps/V8: destructuring of arrow function arguments via computed
             property no longer throws
  * inspector: /json/version returns object, not an object wrapped
               in an array
  * module: using --debug-brk and --eval together now works
            as expected
  * process: improve performance of nextTick up to 20%
  * repl: the division operator will no longer be accidentally
          parsed as regex
  * repl: improved support for generator functions
  * timers: recanceling a cancelled timers will no longer throw

- New upstream LTS version 6.9.2</description>
  <summary>Security update for nodejs6</summary>
</patchinfo>