Overview
Request 634765 accepted
- 21257.diff: Revert an upstream revert that resulted that stdout
remaining O_NONBLOCK during build process. This resulted in
build failures.
- New upstream release 10.9.0:
* buffer:
+ Fix out-of-bounds (OOB) write in Buffer.write() for
UCS-2 encoding (CVE-2018-12115, bsc#1105019)
+ Fix unintentional exposure of uninitialized memory in
Buffer.alloc() (bsc#1105018, CVE-2018-7166)
* deps: Upgrade to OpenSSL 1.0.2p, fixing:
+ Client DoS due to large DH parameter
(CVE-2018-0732, bsc#1097158)
+ ECDSA key extraction via local side-channel
* http: http.get() and http.request() (and https variants)
now accept three arguments to allow for a URL and options object
- New upstream release 10.8.0:
* deps: upgrade npm to 6.2.0
- Changes in version 10.7.0:
* console: The console.timeLog() method has been implemented.
* http: Added support for passing both timeout and agent options
to http.request.
* inspector: Expose the original console API in
require('inspector').console.
* napi: Added experimental support for functions dealing with
bigint numbers.
* process:
+ The process.hrtime.bigint() method has been implemented.
+ Added the --title command line argument to set the process
title on startup.
* trace_events: Added process_name metadata.
- icu_small_grouping.patch: upstreamed
- versioned.patch, env_shebang.patch: refreshed
- update Jan's description changes for grammar and merge into git
Obviously the builds are failing (because of OBS or something), please reject for now.
Request History
adamm created request
- 21257.diff: Revert an upstream revert that resulted that stdout
remaining O_NONBLOCK during build process. This resulted in
build failures.
- New upstream release 10.9.0:
* buffer:
+ Fix out-of-bounds (OOB) write in Buffer.write() for
UCS-2 encoding (CVE-2018-12115, bsc#1105019)
+ Fix unintentional exposure of uninitialized memory in
Buffer.alloc() (bsc#1105018, CVE-2018-7166)
* deps: Upgrade to OpenSSL 1.0.2p, fixing:
+ Client DoS due to large DH parameter
(CVE-2018-0732, bsc#1097158)
+ ECDSA key extraction via local side-channel
* http: http.get() and http.request() (and https variants)
now accept three arguments to allow for a URL and options object
- New upstream release 10.8.0:
* deps: upgrade npm to 6.2.0
- Changes in version 10.7.0:
* console: The console.timeLog() method has been implemented.
* http: Added support for passing both timeout and agent options
to http.request.
* inspector: Expose the original console API in
require('inspector').console.
* napi: Added experimental support for functions dealing with
bigint numbers.
* process:
+ The process.hrtime.bigint() method has been implemented.
+ Added the --title command line argument to set the process
title on startup.
* trace_events: Added process_name metadata.
- icu_small_grouping.patch: upstreamed
- versioned.patch, env_shebang.patch: refreshed
- update Jan's description changes for grammar and merge into git
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
staging-bot added openSUSE:Factory:Staging:adi:37 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:37"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:37
jengelh accepted review
repo-checker accepted review
cycle and install check passed
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
maxlin_factory accepted request
Accept to openSUSE:Factory