File nodejs6.changes of Package nodejs6
-------------------------------------------------------------------
Thu Aug 17 08:57:20 UTC 2017 - qantas94heavy@gmail.com
- New upstream LTS release 6.11.2
* configure: add mips64el to valid_arch (#13620)
* crypto: updated root certificates based on NSS 3.30
(#13279, #12402)
* deps: upgrade OpenSSL to version 1.0.2.l (#12913)
* http:
+ parse errors are now reported when NODE_DEBUG=http (#13206)
+ Agent constructor can now be invoked without new (#12927)
* zlib: node will now throw an Error when zlib rejects the value
of windowBits, instead of crashing (#13098)
- Drop 0f3e69db.patch: fixed upstream
- Modify versioned.patch: use correct "node6" directory
-------------------------------------------------------------------
Wed Aug 2 15:16:57 UTC 2017 - adam.majer@suse.de
- Fix update-alternative handling in %postun - don't remove
links on upgrades.
-------------------------------------------------------------------
Wed Jul 12 08:24:32 UTC 2017 - adam.majer@suse.de
- New upstream LTS release 6.11.1
* v8: disable V8 snapshots. The hashseed embedded in the snapshot
is currently the same for all runs of the binary. This opens
node up to collision attacks which could result in a Denial
of Service. We have temporarily disabled snapshots until a more
robust solution is found. (bnc#1048299, CVE-2017-11499)
* The c-ares function ares_parse_naptr_reply(), which is used for
parsing NAPTR responses, could be triggered to read memory
outside of the given input buffer if the passed in DNS response
packet was crafted in a particular way.
(CVE-2017-1000381, bnc#1044946)
-------------------------------------------------------------------
Fri Jul 7 14:05:05 UTC 2017 - adam.majer@suse.de
- Depend on nodejs-common that is then used to pick correctly
versioned node or npm binary. This is required since 3rd party
modules use `/usr/bin/env node` which breaks if multiple versions
of NodeJS are installed at the same time and non-default version
is used (for example, to compile a native module)
-------------------------------------------------------------------
Thu Jul 6 12:08:26 UTC 2017 - adam.majer@suse.de
- npm_search_paths.patch: Since concurrent installations are now
possible, node manual pages are moved once again back under npm
searcheable locations only.
- versioned.patch: All files are now under versioned directoies
and names. node and npm symlinks are now managed by
update-alternatives
- node-gyp-addon-gypi.patch: Reference versioned directories only
-------------------------------------------------------------------
Tue Jun 13 09:13:23 UTC 2017 - adam.majer@suse.de
- New upstream LTS release 6.11.0
* added support for building mips64el
* cluster:
+ disconnect() now returns a reference to the disconnected
worker.
* crypto:
+ ability to select cert store at runtime
+ Use system CAs instead of using bundled ones
(obsoletes 8334.diff)
+ The Decipher methods setAuthTag() and setAAD now return this
+ adding support for OPENSSL_CONF again
+ make LazyTransform compabile with Streams1
* deps:
+ upgrade libuv to 1.11.0
* dns:
+ Implemented {ttl: true} for resolve4() and resolve6().
* process:
+ add NODE_NO_WARNINGS environment variable
* readline:
+ add option to stop duplicates in history
* src:
+ support "--" after "-e" as end-of-options
* tls:
+ new tls.TLSSocket() supports sec ctx options
+ Allow obvious key/passphrase combinations.
- Fix typo in node-gyp-addon-gypi.patch patch
- Refresh icu59.patch
-------------------------------------------------------------------
Tue May 30 12:45:42 UTC 2017 - adam.majer@suse.de
- 0f3e69db.patch, icu59.patch: backported GCC 7 compilation fixes
for v8 backported and add missing ICU59 includes (bnc#1041282)
-------------------------------------------------------------------
Tue May 23 09:52:00 UTC 2017 - adam.majer@suse.de
- New upstream LTS release 6.10.3
* b8:
+ Trigger OOM crash on memory allcation errors
+ Don't treat catch scopes as possibly-shadowing for sloppy eval
* lib: fix event race condition with -e
* src: fix base64 decoding in rare edgecase
* tls:
+ fix segfault on destroy after partial read
+ keep track of stream that is closed
+ fix macro to check NPN feature
- nodejs-libpath.patch: updated
-------------------------------------------------------------------
Wed Apr 5 01:30:39 UTC 2017 - qantas94heavy@gmail.com
- New upstream LTS release 6.10.2
* crypto: fix memory leak if certificate is revoked (#12089)
* deps: backport V8 fixes for spread syntax regression
causing segfaults (#12037)
- Changes not applicable to openSUSE in 6.10.2:
* deps: upgrade zlib to 1.2.11 (#10980)
* repl: revert commit that broke REPL display on Windows (#12123)
- Changes in LTS release 6.10.1
* performance: The performance of several APIs has been improved.
+ Buffer.compare() is up to 35% faster on average.
+ buffer.toJSON() is up to 2859% faster on average.
+ fs.*statSync() functions are now up to 9% faster on average.
+ os.loadavg is up to 151% faster.
+ process.memoryUsage() is up to 34% faster.
+ querystring.unescape() for Buffers is 15% faster on average.
+ querystring.stringify() is up to 7.8% faster on average.
+ querystring.parse() is up to 21% faster on average.
* IPC: Batched writes have been enabled for process IPC on
platforms that support Unix Domain Sockets. Performance gains
may be up to 40% for some workloads.
* child_process: spawnSync now returns a null status when child
is terminated by a signal. This fixes the behavior to act like
spawn() does.
* http: Control characters are now always rejected when using
http.request(). Debug messages have been added for cases when
headers contain invalid values.
* node: Heap statistics now support values larger than 4GB.
* timers: Timer callbacks now always maintain order when
interacting with domain error handling.
-------------------------------------------------------------------
Sun Feb 26 03:01:09 UTC 2017 - qantas94heavy@gmail.com
- New upstream LTS release 6.10.0
* crypto: allow adding extra certs to well-known CAs
* deps: upgrade INTL ICU to version 58
* fs: cache non-symlinks in realpathSync
* process: add process.memoryUsage().external
* repl: allow autocompletion for scoped packages
* src: add wrapper for process.emitWarning()
- Modify 8334.diff:
* Remove merged reference counting code (#9409)
* Bring patch in line with upstream changes (#8334)
-------------------------------------------------------------------
Fri Feb 3 12:21:10 UTC 2017 - adam.majer@suse.de
- New upstream LTS release 6.9.5
* deps: upgrade openssl sources to 1.0.2k
(CVE-2017-3731, CVE-2017-3732, CVE-2016-7055,
bnc#1022085, bnc#1022086, bnc#1009528)
- No changes in LTS release 6.9.4
- Adjusted 8334.diff to be inline with accepted changes
-------------------------------------------------------------------
Fri Jan 6 08:25:14 UTC 2017 - qantas94heavy@gmail.com
- Add basic check that Node.js loads successfully to spec file
-------------------------------------------------------------------
Wed Jan 4 02:56:09 UTC 2017 - qantas94heavy@gmail.com
- New upstream LTS release 6.9.3
* build: shared library support is now working for AIX builds
* deps/npm: upgrade npm to 3.10.10
* deps/V8: destructuring of arrow function arguments via computed
property no longer throws
* inspector: /json/version returns object, not an object wrapped
in an array
* module: using --debug-brk and --eval together now works
as expected
* process: improve performance of nextTick up to 20%
* repl: the division operator will no longer be accidentally
parsed as regex
* repl: improved support for generator functions
* timers: recanceling a cancelled timers will no longer throw
-------------------------------------------------------------------
Fri Dec 9 04:22:27 UTC 2016 - qantas94heavy@gmail.com
- New upstream LTS version 6.9.2
* buffer: coerce slice parameters consistently
* deps/npm: upgrade npm to 3.10.9
* deps/V8: Various fixes to destructuring edge cases
+ cherry-pick 3c39bac from V8 upstream
+ cherry pick 7166503 from upstream v8
* gtest: the test reporter now outputs tap comments as yamlish
* inspector: inspector now prompts user to use 127.0.0.1 rather
than localhost
* tls: fix memory leak when writing data to TLSWrap instance
during handshake
- Modify 8334.diff:
* ported and updated system CA store for the new node crypto code
-------------------------------------------------------------------
Wed Nov 23 09:00:40 UTC 2016 - adam.majer@suse.de
- Add missing conflicts to base package. It's not possible to have
concurrent nodejs installations.
-------------------------------------------------------------------
Fri Nov 18 11:59:06 UTC 2016 - adam.majer@suse.de
- Package unification across various branches of NodeJS. Package
for 4.x, 6.x and current (7.x) branches of NodeJS are now
handled via GitHub repository.
- NodeJS 6.x LTS package, based on NodeJS 4.x LTS layout. All
NodeJS packages are interchangeable. (FATE #321373)
-------------------------------------------------------------------
Mon Nov 7 13:15:21 UTC 2016 - adam.majer@suse.de
- Add versioned dependencies for unbundling of c-ares and icu
libraries
- SLE12 can have unbundled libicu
-------------------------------------------------------------------
Wed Nov 2 04:13:20 UTC 2016 - qantas94heavy@gmail.com
- Fork package devel:languages:nodejs/nodejs
- Remove support-arm64-build.patch (not necessary for aarch64 build)
- Use system library versions of c-ares and ICU where supported
- Remove /usr/{lib,lib64}/node_modules from global module paths
* This is deprecated behaviour that was caused by an incorrect patch
in devel:languages:nodejs/nodejs almost 6 months ago (boo#985350)
- Modify nodejs-libpath.patch
* Move /usr/lib64/node_modules to %{_libexecpath} as npm isn't
architecture dependent (only npm itself is stored there)
- Remove nodejs-libpath64.patch
- Use separate .sig file instead of .asc file for source verification
- Use exec instead of xargs to remove files in install script
