Wed Sep 28 11:10:44 2016 UTC ()
Update lang/nodejs to 6.7.0

- openssl: Remove support for loading dynamic third-party engine
  modules. An attacker may be able to hide malicious code to be
  inserted into Node.js at runtime by masquerading as one of the
  dynamic engine modules.
- http: CVE-2016-5325 - Properly validate for allowable characters
  in the reason argument in ServerResponse#writeHead().
- buffer: Zero-fill excess bytes in new Buffer objects created
  with Buffer.concat() while providing a totalLength parameter
  that exceeds the total length of the original Buffer objects
  being concatenated.
- src: Fix regression where passing an empty password and/or salt
  to crypto.pbkdf2() would cause a fatal error
- tls: CVE-2016-7099 - Fix invalid wildcard certificate validation
  check whereby a TLS server may be able to serve an invalid
  wildcard certificate for its hostname due to improper validation
  of *. in the wildcard string.
- v8: Fix regression where a regex on a frozen object was broken


(fhajny)
diff -r1.75 -r1.76 pkgsrc/lang/nodejs/Makefile
diff -r1.74 -r1.75 pkgsrc/lang/nodejs/distinfo
cvs diff -r1.75 -r1.76 pkgsrc/lang/nodejs/Makefile (expand / switch to unified diff)

--- pkgsrc/lang/nodejs/Makefile 2016/09/19 13:14:43 1.75
+++ pkgsrc/lang/nodejs/Makefile 2016/09/28 11:10:44 1.76
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1# $NetBSD: Makefile,v 1.75 2016/09/19 13:14:43 fhajny Exp $ 1# $NetBSD: Makefile,v 1.76 2016/09/28 11:10:44 fhajny Exp $
2 2
3DISTNAME= node-v6.6.0 3DISTNAME= node-v6.7.0
4 4
5.include "../../lang/nodejs/Makefile.common" 5.include "../../lang/nodejs/Makefile.common"
6.include "../../mk/bsd.pkg.mk" 6.include "../../mk/bsd.pkg.mk"
cvs diff -r1.74 -r1.75 pkgsrc/lang/nodejs/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/nodejs/distinfo 2016/09/19 13:14:43 1.74
+++ pkgsrc/lang/nodejs/distinfo 2016/09/28 11:10:44 1.75
@@ -1,19 +1,19 @@ @@ -1,19 +1,19 @@
1$NetBSD: distinfo,v 1.74 2016/09/19 13:14:43 fhajny Exp $ 1$NetBSD: distinfo,v 1.75 2016/09/28 11:10:44 fhajny Exp $
2 2
3SHA1 (node-v6.6.0.tar.gz) = 29e6ff3702c60c99330989007ea084e5360d4106 3SHA1 (node-v6.7.0.tar.gz) = 456e1583f4643a9521e5fa866f7ac17453521a5b
4RMD160 (node-v6.6.0.tar.gz) = def16c0e7872870760fd86ce6ed70ea462ddecd9 4RMD160 (node-v6.7.0.tar.gz) = faf56530e9b77c3411f8f89a5107b9e65b85b893
5SHA512 (node-v6.6.0.tar.gz) = 77c98d120e80265e7cc93429c5df7834933f08fe43307132e3d9fb9d5f9a005c3d56cff9bdd1ce6ffb04ef9a5b0412557c99ac3de75e20e0cc40a78eab9dfebe 5SHA512 (node-v6.7.0.tar.gz) = 3cd095adc0866b780519006098b434e3b126f67a453e44863c773829de4ce29f573d13efa1c50af001009bdb433728309ef7109e144517ffc5dd5e3251b1f511
6Size (node-v6.6.0.tar.gz) = 26398504 bytes 6Size (node-v6.7.0.tar.gz) = 26431821 bytes
7SHA1 (patch-common.gypi) = 5b3a50617358637a6f910de28bb5a14f037317a6 7SHA1 (patch-common.gypi) = 5b3a50617358637a6f910de28bb5a14f037317a6
8SHA1 (patch-deps_cares_cares.gyp) = 2235eb44bc984fa2e745fdf1786f1ae6de6ef80f 8SHA1 (patch-deps_cares_cares.gyp) = 2235eb44bc984fa2e745fdf1786f1ae6de6ef80f
9SHA1 (patch-deps_npm_node__modules_node-gyp_gyp_pylib_gyp_generator_make.py) = 78d6ddd37ae30e869e0da666a78baad86a638c50 9SHA1 (patch-deps_npm_node__modules_node-gyp_gyp_pylib_gyp_generator_make.py) = 78d6ddd37ae30e869e0da666a78baad86a638c50
10SHA1 (patch-deps_uv_common.gypi) = ba9caa1f6d9d6df1913d0d72a8d18ea6db0a32ff 10SHA1 (patch-deps_uv_common.gypi) = ba9caa1f6d9d6df1913d0d72a8d18ea6db0a32ff
11SHA1 (patch-deps_uv_src_unix_netbsd.c) = 0915dcd6ff65ec9bc098c05c32e3fedee9c8168b 11SHA1 (patch-deps_uv_src_unix_netbsd.c) = 0915dcd6ff65ec9bc098c05c32e3fedee9c8168b
12SHA1 (patch-deps_v8_src_arm_cpu-arm.cc) = d0d11ac474ab109a6f40b26fa457b12d742eb48d 12SHA1 (patch-deps_v8_src_arm_cpu-arm.cc) = d0d11ac474ab109a6f40b26fa457b12d742eb48d
13SHA1 (patch-deps_v8_src_base_atomicops.h) = 65b6508f5260ae672b9efc5672ba2c93223355ff 13SHA1 (patch-deps_v8_src_base_atomicops.h) = 65b6508f5260ae672b9efc5672ba2c93223355ff
14SHA1 (patch-deps_v8_src_base_atomicops__internals__arm__gcc.h) = 1352769e157d5b49d019bdcd394db276421cdbad 14SHA1 (patch-deps_v8_src_base_atomicops__internals__arm__gcc.h) = 1352769e157d5b49d019bdcd394db276421cdbad
15SHA1 (patch-deps_v8_src_base_platform_platform-freebsd.cc) = 686c2054838a25cfeed7fb9870a959e48dc4de35 15SHA1 (patch-deps_v8_src_base_platform_platform-freebsd.cc) = 686c2054838a25cfeed7fb9870a959e48dc4de35
16SHA1 (patch-deps_v8_src_base_platform_platform-openbsd.cc) = 0abf6a541f24da87dbbd22f57abcd5534999b3df 16SHA1 (patch-deps_v8_src_base_platform_platform-openbsd.cc) = 0abf6a541f24da87dbbd22f57abcd5534999b3df
17SHA1 (patch-deps_v8_src_base_platform_platform-posix.cc) = eff609b75125dab536934bd8afa640955dcee674 17SHA1 (patch-deps_v8_src_base_platform_platform-posix.cc) = eff609b75125dab536934bd8afa640955dcee674
18SHA1 (patch-deps_v8_src_base_platform_semaphore.cc) = dd8cafadd2668f069dab8625f57fbd71a304db3e 18SHA1 (patch-deps_v8_src_base_platform_semaphore.cc) = dd8cafadd2668f069dab8625f57fbd71a304db3e
19SHA1 (patch-deps_v8_src_log-utils.h) = 32bbf2de2af7a8ab6900a4d5e968dcc1357f6de2 19SHA1 (patch-deps_v8_src_log-utils.h) = 32bbf2de2af7a8ab6900a4d5e968dcc1357f6de2