---
- branch: MAIN
  date: Wed Feb 10 11:09:23 UTC 2016
  files:
  - new: '1.56'
    old: '1.55'
    path: pkgsrc/lang/nodejs/Makefile
    pathrev: pkgsrc/lang/nodejs/Makefile@1.56
    type: modified
  - new: '1.30'
    old: '1.29'
    path: pkgsrc/lang/nodejs/PLIST
    pathrev: pkgsrc/lang/nodejs/PLIST@1.30
    type: modified
  - new: '1.55'
    old: '1.54'
    path: pkgsrc/lang/nodejs/distinfo
    pathrev: pkgsrc/lang/nodejs/distinfo@1.55
    type: modified
  id: 20160210T110923Z.f1fda42025e5f4484ad020d0494db32a7499c0d5
  log: |
    Update lang/nodejs to 5.6.0.

    - http: fix defects in HTTP header parsing for requests and responses
      that can allow request smuggling (CVE-2016-2086) or response
      splitting (CVE-2016-2216). HTTP header parsing now aligns more
      closely with the HTTP spec including restricting the acceptable
      characters.
    - http-parser: upgrade from 2.6.0 to 2.6.1
    - npm: upgrade npm from 3.3.12 to 3.6.0 (Rebecca Turner) #4958
    - openssl: upgrade from 1.0.2e to 1.0.2f. To mitigate against the
      Logjam attack, TLS clients now reject Diffie-Hellman handshakes
      with parameters shorter than 1024-bits, up from the previous
      limit of 768-bits.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/lang/nodejs'
  unixtime: '1455102563'
  user: fhajny