File nodejs15.changes of Package nodejs15

Overview Repositories Revisions Requests Users Attributes Meta

File nodejs15.changes of Package nodejs15

-------------------------------------------------------------------
Mon May 31 16:27:44 UTC 2021 - Adam Majer <adam.majer@suse.de>

- Use libalternatives instead of update-alternatives

-------------------------------------------------------------------
Tue May  4 12:43:50 UTC 2021 - Adam Majer <adam.majer@suse.de>

- icu69.patch: fixes build issues with ICU69 (bsc#1185400)

-------------------------------------------------------------------
Wed Apr  7 12:22:39 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.14.0:
  * fs: add support for async iterators to fsPromises.writeFile
  * net:
    + allow net.BlockList to use net.SocketAddress objects
    + add SocketAddress class
    + make net.BlockList cloneable
  * net,tls: add abort signal support to connect
  * readline: add AbortSignal support to interface

- Changes in version 15.13.0:
  * buffer: implement btoa and atob
  * deps: upgrade npm to 7.7.6
       This update adds workspaces support to npm run and npm exec
  * doc: add legacy status to stability index
  * http: add http.ClientRequest.getRawHeaderNames()

- refreshed patches: fix_ci_tests.patch, npm_bundle_to_provides.js,
  npm_search_paths.patch

-------------------------------------------------------------------
Tue Mar 30 11:07:07 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.12.0:
  * crypto:
    + add optional callback to crypto.sign and crypto.verify
    + support JWK objects in create*Key
  * deps: 
    + update to cjs-module-lexer@1.1.0
  * fs: improve fsPromises writeFile and writeFile performance
  * lib: implement AbortSignal.abort()
  * node-api: define version 8 
  * worker: add setEnvironmentData/getEnvironmentData

- fix_ci_tests.patch npm_search_paths.patch: refreshed

-------------------------------------------------------------------
Wed Mar  3 12:30:43 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.11.0:
  * crypto: make FIPS related options always awailable
    (note: don't forget to install the appropriate FIPS patterns
     as otherwise openssl will refuse)
  * errors: remove experimental from --enable-source-maps

- nodejs-libpath.patch, versioned.patch: refreshed

-------------------------------------------------------------------
Tue Feb 23 14:41:30 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.10.0:
  * CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service
    by resource exhaustion (bsc#1182619)
  * CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620)

- Changes in 15.9.0:
  * crypto: add keyObject.export() 'jwk' format option
  * deps: upgrade to libuv 1.41.0
  * doc: refactor fs docs structure
  * fs: 
    + add fsPromises.watch()
    + use a default callback for fs.close()
    + add AbortSignal support to watch
  * perf_hooks: introduce createHistogram
  * stream: improve Readable.from error handling
  * timers: introduce setInterval async iterator
  * tls: add ability to get cert/peer cert as X509Certificate object

-------------------------------------------------------------------
Wed Feb 17 17:33:25 UTC 2021 - Adam Majer <adam.majer@suse.de>

- relax OpenSSL cipher suite policies for unit tests
 
-------------------------------------------------------------------
Fri Feb  5 14:56:36 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.8.0:
  * crypto:
    + add generatePrime/checkPrime
    + experimental (Ed/X)25519/(Ed/X)448 support
  * deps: upgrade npm to 7.5.0
    This update adds a new npm diff command.
  * dgram: support AbortSignal in createSocket
  * esm: deprecate legacy main lookup for modules
  * readline:
    + add history event and option to set initial history
    + add support for the AbortController to the question method

- versioned.patch: refreshed

-------------------------------------------------------------------
Tue Feb  2 12:45:15 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.7.0:
  * buffer:
    + introduce Blob
    + add base64url encoding option
  * fs:
    + allow position parameter to be a BigInt in read and
      readSync (raisinten)
  * http:
    + attach request as res.req
    + expose urlToHttpOptions utility

-------------------------------------------------------------------
Thu Jan 21 16:40:06 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.6.0:
  * child_process:
    + add 'overlapped' stdio flag
    + support AbortSignal in fork
  * crypto:
    + implement basic secure heap support
    + fixup bug in keygen error handling
    + introduce X509Certificate API
    + implement randomuuid
  * http: set lifo as the default scheduling strategy in Agent
  * net: support abortSignal in server.listen
  * process: add direct access to rss without iterating pages
  * v8: fix native serdes constructors
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V15.md#15.6.0

- versioned.patch: refreshed

-------------------------------------------------------------------
Mon Jan  4 19:29:12 UTC 2021 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.5.1:
  * CVE-2020-8265: use-after-free in TLSWrap (High) bug in TLS
    implementation. When writing to a TLS enabled socket,
    node::StreamBase::Write calls node::TLSWrap::DoWrite with
    a freshly allocated WriteWrap object as first argument.
    If the DoWrite method does not return an error, this object is
    passed back to the caller as part of a StreamWriteResult structure.
    This may be exploited to corrupt memory leading to a
    Denial of Service or potentially other exploits (bsc#1180553)
  * CVE-2020-8287: HTTP Request Smuggling allow two copies of a
    header field in a http request. For example, two Transfer-Encoding
    header fields. In this case Node.js identifies the first header
    field and ignores the second. This can lead to HTTP Request
    Smuggling (https://cwe.mitre.org/data/definitions/444.html).
    (bsc#1180554)
  * CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference
    (High) This is a vulnerability in OpenSSL which may be exploited
    through Node.js. (bsc#1179491)

- Changes in 15.5.0:
  * child_process: add signal support to spawn
  * http: use autoDestroy: true in incoming message
  * lib: support BigInt in querystring.stringify
  * stream: support abortsignal in constructor

- npm_search_paths.patch, versioned.patch: refreshed
- revert_cares_caa_reply_support.patch: dropped, no longer needed

-------------------------------------------------------------------
Thu Dec 10 18:20:53 UTC 2020 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.4.0:
  * child_processes: add AbortSignal support
  * events:
    + support signal in EventTarget
    + graduate Event, EventTarget, AbortController
  * http: enable call chaining with setHeader()
  * module: add isPreloading indicator
  * stream:
    + support abort signal
    + add FileHandle support to Read/WriteStream
  * worker: add experimental BroadcastChannel

- nodejs-libpath.patch: refreshed

-------------------------------------------------------------------
Mon Nov 30 19:45:55 UTC 2020 - Adam Majer <adam.majer@suse.de>

- openssl_binary_detection.patch: fixes unit tests on SLE12

-------------------------------------------------------------------
Thu Nov 26 06:02:11 UTC 2020 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.3.0:
  * dns: add a cancel() method to the promise Resolver
  * events: add max listener warning for EventTarget
  * http: add support for abortsignal to http.request
  * http2: allow setting the local window size of a session
  * lib: add throws option to fs.f/l/statSync
  * path: add path/posix and path/win32 alias modules
  * readline: add getPrompt to get the current prompt
  * src: add loop idle time in diagnostic report
  * util: add util/types alias module

-------------------------------------------------------------------
Thu Nov 19 11:41:48 UTC 2020 - Adam Majer <adam.majer@suse.de>

- New upstream version 15.2.1:
  * deps: Denial of Service through DNS request (High).
  A Node.js application that allows an attacker to trigger a DNS
  request for a host of their choice could trigger a Denial of Service
  by getting the application to resolve a DNS record with
  a larger number of responses (bsc#1178882, CVE-2020-8277)

-------------------------------------------------------------------
Thu Nov 12 18:56:37 UTC 2020 - Adam Majer <adam.majer@suse.de>

- Update to 15.2.0:
  * events:
    +getEventListeners static
  * fs:
    + support abortsignal in writeFile
    + add support for AbortSignal in readFile
  * stream:
    + fix thrown object reference

revert_cares_caa_reply_support.patch: refreshed

-------------------------------------------------------------------
Thu Nov  5 10:07:53 UTC 2020 - Adam Majer <adam.majer@suse.de>

- Update to 15.1.0:
  * deps: npm updated to 7.0.8
  * child_process: add ChildProcess 'spawn' event
  * dns: add setLocalAddress to Resolver
  * http: report request start and end with diagnostics_channel
  * http2: add updateSettings to both http2 servers
  * lib: create diagnostics_channel module
  * src: add --heapsnapshot-near-heap-limit option
  * v8: implement v8.stopCoverage() and v8.takeCoverage()
  * worker: add eventLoopUtilization()

- fix_ci_tests.patch, npm_search_paths.patch, versioned.patch refreshed

For details see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V15.md#15.1.0

-------------------------------------------------------------------
Thu Oct 22 11:43:13 UTC 2020 - Adam Majer <adam.majer@suse.de>

- Update to 15.0.1:
  * crypto: fix regression on randomFillSync
        This fixes issue https://github.com/nodejs/node/issues/35722.
  * deps: upgrade npm to 7.0.3 (Ruy Adorno) #35724

- revert_cares_caa_reply_support.patch: temporarily revert upstream
  patch since it requires an updated c-ares
- old_icu.patch: update v8 sources to use old ICU version

-------------------------------------------------------------------
Tue Oct 20 18:33:10 UTC 2020 - Adam Majer <adam.majer@suse.de>

- Initial release 15.0.0. For complete list of changes since 14.x
  codestream, see

https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V15.md#15.0.0

Places

File nodejs15.changes of Package nodejs15

Places