Revisions of nodejs20
Adam Majer (adamm)
committed
(revision 40)
Adam Majer (adamm)
committed
(revision 39)
- Update to 20.8.0: * Stream performance improvements * Rework of memory management in vm APIs with the importModuleDynamically option * test_runner: + accept testOnly in run + add junit reporter - fix_ci_tests.patch: refreshed
buildservice-autocommit
accepted
request 1112341
from
Adam Majer (adamm)
(revision 38)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 37)
drop bundled libicu
Adam Majer (adamm)
committed
(revision 36)
- Update to 20.7.0: * src: support multiple --env-file declarations * deps: upgrade npm to 10.1.0 * doc: move and rename loaders section * lib: add api to detect whether source-maps are enabled * src,permission: add multiple allow-fs-* flags * test_runner: expose location of tests - z13.patch: upstreamed - Update to 20.6.1: * f0ff63fbc32ea55f3d92c5c89fdb91ec47786859.patch: removed, upstreamed
buildservice-autocommit
accepted
request 1109713
from
Adam Majer (adamm)
(revision 35)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 34)
Adam Majer (adamm)
committed
(revision 33)
Adam Majer (adamm)
committed
(revision 32)
- f0ff63fbc32ea55f3d92c5c89fdb91ec47786859.patch: fixes issues with Angular and other software that tries to load ECM modules in somewhat circular fashion ending up with multiple executions.
buildservice-autocommit
accepted
request 1109025
from
Adam Majer (adamm)
(revision 31)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 30)
- nodejs.keyring: updated to include current upstream releasers
Adam Majer (adamm)
committed
(revision 29)
- Update to 20.6.0: * add support for .env files to configure envrionment variables * import.meta.resolve unflagged * deps: npm updated to 9.8.1
buildservice-autocommit
accepted
request 1105924
from
Adam Majer (adamm)
(revision 28)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 27)
- Temporarily bundle ICU for SLE15 SP6 (jsc#PED-4819)
buildservice-autocommit
accepted
request 1103349
from
Adam Majer (adamm)
(revision 26)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 25)
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.5.1 versioned.patch: refreshed
Adam Majer (adamm)
committed
(revision 24)
- Update to version 20.5.1: * (CVE-2023-32002, bsc#1214150): Policies can be bypassed via Module._load (High) * (CVE-2023-32558, bsc#1214155): process.binding() can bypass the permission model through path traversal (High) * (CVE-2023-32004, bsc#1214152): Permission model can be bypassed by specifying a path traversal sequence in a Buffer (High) * (CVE-2023-32006, bsc#1214156): Policies can be bypassed by module.constructor.createRequire (Medium) * (CVE-2023-32559, bsc#1214154): Policies can be bypassed via process.binding (Medium) * (CVE-2023-32005, bsc#1214153): fs.statfs can bypass the permission model (Low) * (CVE-2023-32003, bsc#1214151): fs.mkdtemp() and fs.mkdtempSync() can bypass the permission model (Low) - Changes in 20.5.0: * events: allow safely adding listener to abortSignal * fs: add a fast-path for readFileSync utf-8 * test_runner: add shards support - Changes in 20.4.0: * tls: add ALPNCallback server option for dynamic ALPN negotiation * adds support for ECMAScript Explicit Resource Management * adds Mock Timer support to test module For details see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.5.1
buildservice-autocommit
accepted
request 1094364
from
Adam Majer (adamm)
(revision 23)
baserev update by copy to link target
Adam Majer (adamm)
committed
(revision 22)
- Update to version 20.3.1 (security fixes only). The following CVEs are fixed in this release: * (CVE-2023-30581, bsc#1212574): mainModule.__proto__ Bypass Experimental Policy Mechanism (High) * (CVE-2023-30584, bsc#1212575): Path Traversal Bypass in Experimental Permission Model (High) * (CVE-2023-30587, bsc#1212576): Bypass of Experimental Permission Model via Node.js Inspector (High) * (CVE-2023-30582, bsc#1212577): Inadequate Permission Model Allows Unauthorized File Watching (Medium) * (CVE-2023-30583, bsc#1212578): Bypass of Experimental Permission Model via fs.openAsBlob() (Medium) * (CVE-2023-30585, bsc#1212579): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) * (CVE-2023-30586, bsc#1212580): Bypass of Experimental Permission Model via Arbitrary OpenSSL Engines (Medium) * (CVE-2023-30588, bsc#1212581): Process interuption due to invalid Public Key information in x509 certificates (Medium) * (CVE-2023-30589, bsc#1212582): HTTP Request Smuggling via Empty headers separated by CR (Medium) * (CVE-2023-30590, bsc#1212583): DiffieHellman does not generate keys after setting a private key (Medium)
buildservice-autocommit
accepted
request 1093316
from
Adam Majer (adamm)
(revision 21)
baserev update by copy to link target
Displaying revisions 41 - 60 of 80