Overview
Request 431130 accepted
- enable usage of system certificate store on SLE11SP4 by
requiring openssl1 (boo#1000036)
- nodejs-libpath.patch:
* adapt patch from main nodejs project so it builds on SLE11
- New upstream LTS version 4.6.0
* openssl update (not applicable for SLE12SP2, Leap 42.2 and later)
+ upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,
CVE-2016-6306, CVE-2016-7052)
+ remove support for dynamic 3rd party engine modules
* http: Properly validate for allowable characters in input
user data. This introduces a new case where throw may occur
when configuring HTTP responses, users should already
be adopting try/catch here. (CVE-2016-5325, bnc#985201)
* tls: properly validate wildcard certificates
(CVE-2016-7099, bnc#1001652)
* buffer: Zero-fill excess bytes in new Buffer objects created
with Buffer.concat()
- Created by adamm
- In state accepted
-
Package maintainers:
adamm and
qantas94heavy
Request History
adamm created request
- enable usage of system certificate store on SLE11SP4 by
requiring openssl1 (boo#1000036)
- nodejs-libpath.patch:
* adapt patch from main nodejs project so it builds on SLE11
- New upstream LTS version 4.6.0
* openssl update (not applicable for SLE12SP2, Leap 42.2 and later)
+ upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,
CVE-2016-6306, CVE-2016-7052)
+ remove support for dynamic 3rd party engine modules
* http: Properly validate for allowable characters in input
user data. This introduces a new case where throw may occur
when configuring HTTP responses, users should already
be adopting try/catch here. (CVE-2016-5325, bnc#985201)
* tls: properly validate wildcard certificates
(CVE-2016-7099, bnc#1001652)
* buffer: Zero-fill excess bytes in new Buffer objects created
with Buffer.concat()
adamm accepted request
