Wed Jun 3 08:42:41 2020 UTC ()
nodejs12: updated to 12.18.0

Version 12.18.0 'Erbium' (LTS)

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Commits

- crypto: update root certificates
- (SEMVER-MINOR) deps: update nghttp2 to 1.41.0
- (SEMVER-MINOR) http2: implement support for max settings entries
- napi: fix memory corruption vulnerability
- tls: emit session after verifying certificate
- tools: update certdata.txt


(adam)
diff -r1.17 -r1.18 pkgsrc/lang/nodejs12/Makefile
diff -r1.6 -r1.7 pkgsrc/lang/nodejs12/buildlink3.mk
diff -r1.11 -r1.12 pkgsrc/lang/nodejs12/distinfo

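--- a/pkgsrc/lang/nodejs12/Attic/Makefile
+++ b/pkgsrc/lang/nodejs12/Attic/Makefile
@@ -1,20 +1,19 @@
-# $NetBSD: Makefile,v 1.17 2020/06/02 08:22:46 adam Exp $
+# $NetBSD: Makefile,v 1.18 2020/06/03 08:42:41 adam Exp $
 
-DISTNAME= node-v12.17.0
+DISTNAME= node-v12.18.0
 
 USE_LANGUAGES= c gnu++14
 
-PKGREVISION= 1
 .include "../../mk/bsd.prefs.mk"
 
 # XXX: figure out a way to add rpaths to torque
 MAKE_ENV+= LD_LIBRARY_PATH=${PREFIX}/lib
 
 CONFIGURE_ARGS+= --shared-nghttp2
 CONFIGURE_ARGS+= --with-intl=system-icu
 
 CHECK_PORTABILITY_SKIP+= deps/openssl/openssl/.travis-create-release.sh
 CHECK_PORTABILITY_SKIP+= tools/macos-installer/*
 
 .if ${MACHINE_ARCH} == "i386"
 # 64 bit atomic ops are required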

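--- a/pkgsrc/lang/nodejs12/Attic/buildlink3.mk
+++ b/pkgsrc/lang/nodejs12/Attic/buildlink3.mk
@@ -1,14 +1,14 @@
-# $NetBSD: buildlink3.mk,v 1.6 2020/06/02 08:22:46 adam Exp $
+# $NetBSD: buildlink3.mk,v 1.7 2020/06/03 08:42:41 adam Exp $
 
 BUILDLINK_TREE+= nodejs
 
 .if !defined(NODEJS_BUILDLINK3_MK)
 NODEJS_BUILDLINK3_MK:=
 
 BUILDLINK_API_DEPENDS.nodejs+= nodejs>=10
 BUILDLINK_ABI_DEPENDS.nodejs+= nodejs>=12.17.0nb1
 BUILDLINK_PKGSRCDIR.nodejs?= ../../lang/nodejs
 
 .include "../../mk/bsd.fast.prefs.mk"
 
 .if ${OPSYS} != "Darwin"
@@ -16,20 +16,20 @@ BUILDLINK_PKGSRCDIR.nodejs?= ../../lang/
 .endif
 # Stated by the changelog
 BUILDLINK_API_DEPENDS.libuv+= libuv>=1.23
 .include "../../devel/libuv/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
 .include "../../net/libcares/buildlink3.mk"
 .include "../../textproc/icu/buildlink3.mk"
 .include "../../www/nghttp2/buildlink3.mk"
 .include "../../mk/pthread.buildlink3.mk"
 
 pkgbase := nodejs
 .include "../../mk/pkg-build-options.mk"
 
-.if !empty(PKG_BUILD_OPTIONS.nodejs:Mopenssl)
+.if ${PKG_BUILD_OPTIONS.nodejs:Mopenssl}
 . include "../../security/openssl/buildlink3.mk"
 .endif
 
 .endif # NODEJS_BUILDLINK3_MK
 
 BUILDLINK_TREE+= -nodejs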
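Review bot: The rewritten option test near the end of the second hunk, `.if ${PKG_BUILD_OPTIONS.nodejs:Mopenssl}`, matches the old `!empty(...)` form only while the variable is defined at that point and the match never yields a value make reads as numeric zero, because a bare expression in a conditional is compared against 0 or the empty string. PKG_BUILD_OPTIONS.nodejs is presumably set by the `pkg-build-options.mk` include two lines earlier, so a short comment such as `# PKG_BUILD_OPTIONS.nodejs is defined by pkg-build-options.mk above` would record that dependency, or the explicit `!empty()` form could be kept. Separately, the log calls this a security release, yet `BUILDLINK_ABI_DEPENDS.nodejs` in the first hunk still accepts `nodejs>=12.17.0nb1`. If dependents are meant to build only against the fixed release the floor would need raising; otherwise an installed pre-fix nodejs still satisfies the dependency.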

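--- a/pkgsrc/lang/nodejs12/Attic/distinfo
+++ b/pkgsrc/lang/nodejs12/Attic/distinfo
@@ -1,19 +1,19 @@
-$NetBSD: distinfo,v 1.11 2020/05/30 20:45:12 joerg Exp $
+$NetBSD: distinfo,v 1.12 2020/06/03 08:42:41 adam Exp $
 
-SHA1 (node-v12.17.0.tar.gz) = dc53d894b4da759a7ee4cd1d96d6e59449503570
-RMD160 (node-v12.17.0.tar.gz) = 55dc3d91e1773f4bfb8a9a6e062c9f82a41169b1
-SHA512 (node-v12.17.0.tar.gz) = 2c003fb5684adcfbab9a096ada336efa92703043febbf48753bc57693528779cdea5b6d30614c4b406e24fbd85fb7750148e4185b99fa74d52b8fbddfcc7f7b5
-Size (node-v12.17.0.tar.gz) = 52417986 bytes
+SHA1 (node-v12.18.0.tar.gz) = 64ae33910c22fbca45979944b7bb01e6fd72788d
+RMD160 (node-v12.18.0.tar.gz) = d300996ae8390687a0011595f02f25bc10eb815d
+SHA512 (node-v12.18.0.tar.gz) = fc47292b7bb13996e6162261ae3341be2414f32b0a76c5d73d3404eb4439bbdbf9415301270b52507b38bc28b431690ba026ab399f39ff1147a9719cb294692f
+Size (node-v12.18.0.tar.gz) = 52416819 bytes
 SHA1 (patch-common.gypi) = a3fa3b5b974f910b3c8fea640ded4dca262e1ba8
 SHA1 (patch-deps_cares_cares.gyp) = 22b44f2ac59963f694dfe4f4585e08960b3dec32
 SHA1 (patch-deps_uv_common.gypi) = d38a9c8d9e3522f15812aec2f5b1e1e636d4bab3
 SHA1 (patch-deps_v8_src_base_atomicops.h) = d1ef20a3fee1d188687bd76836ada6f2c8e0787f
 SHA1 (patch-deps_v8_src_base_platform_platform-freebsd.cc) = 1c8aea6dca18159740212de221e467c70796bcd5
 SHA1 (patch-deps_v8_src_base_platform_platform-openbsd.cc) = 5e593879dbab095f99e82593272a0de91043f9a8
 SHA1 (patch-deps_v8_src_base_platform_platform-posix.cc) = 0d80cc6587af9220832de112834e9f50242f819f
 SHA1 (patch-deps_v8_src_base_platform_semaphore.cc) = 802a95f1b1d131e0d85c1f99c659cc68b31ba2f6
 SHA1 (patch-deps_v8_src_common_globals.h) = 86637724864389f2b24251904de41669a2f00fbc
 SHA1 (patch-deps_v8_src_compiler_types.h) = 2a212282ab9d71e98ae56827fdb1d9778a6047a5
 SHA1 (patch-deps_v8_src_zone_zone.h) = 651b49d242dac8f713cccc101147ccf61f828ecb
 SHA1 (patch-deps_v8_tools_run-llprof.sh) = 39aa3faf77492ef8dd35b411b7b0e4605b469af3
 SHA1 (patch-node.gypi) = 4a104dba6c22702211009bc60a6be6f87554e2fa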