Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 9EDA1A66CF for ; Thu, 24 Sep 2015 14:17:20 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 46DEE14A301; Thu, 24 Sep 2015 14:17:20 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 6613F14A23A for ; Thu, 24 Sep 2015 14:17:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id NZMoUi8cs6ev for ; Thu, 24 Sep 2015 14:17:18 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id B511914A1EB for ; Thu, 24 Sep 2015 14:17:18 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id B2BBA98; Thu, 24 Sep 2015 14:17:18 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Thu, 24 Sep 2015 14:17:18 +0000 From: "Filip Hajny" Subject: CVS commit: pkgsrc/lang/nodejs To: pkgsrc-changes@NetBSD.org Reply-To: fhajny@netbsd.org X-Mailer: log_accum Message-Id: <20150924141718.B2BBA98@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: fhajny Date: Thu Sep 24 14:17:18 UTC 2015 Modified Files: pkgsrc/lang/nodejs: Makefile PLIST distinfo Log Message: Update lang/nodejs to 4.1.1. ok by jperkin. - buffer: Fixed a bug introduced in v4.1.0 where allocating a new zero-length buffer can result in the next allocation of a TypedArray in JavaScript not being zero-filled. In certain circumstances this could result in data leakage via reuse of memory space in TypedArrays, breaking the normally safe assumption that TypedArrays should be always zero-filled. - http: Guard against response-splitting of HTTP trailing headers added via response.addTrailers() by removing new-line ([\r\n]) characters from values. Note that standard header values are already stripped of new-line characters. The expected security impact is low because trailing headers are rarely used. - npm: Upgrade to npm 2.14.4 from 2.14.3, see release notes for full details - Upgrades graceful-fs on multiple dependencies to no longer rely on monkey-patching fs - Fix npm link for pre-release / RC builds of Node - v8: Update post-mortem metadata to allow post-mortem debugging tools to find and inspect: - JavaScript objects that use dictionary properties - ScopeInfo and thus closures To generate a diff of this commit: cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/nodejs/Makefile cvs rdiff -u -r1.25 -r1.26 pkgsrc/lang/nodejs/PLIST cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/nodejs/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.