Hi,
Here is a security update to lang/node that includes:
- fixes for openssl's CVE-2018-0739
- Node.js Inspector DNS rebinding vulnerability (CVE-2018-7160)
Tested and running fine for me on amd64. My arm64 machine is currently
buried under a pile of boxes so I would appreciate if someone could test
on that :D
Cheers,
Aaron
Index: Makefile
===================================================================
RCS file: /cvs/ports/lang/node/Makefile,v
retrieving revision 1.68
diff -u -p -r1.68 Makefile
--- Makefile 10 Feb 2018 14:50:35 -0000 1.68
+++ Makefile 29 Mar 2018 21:24:16 -0000
@@ -10,7 +10,7 @@ USE_WXNEEDED = Yes
COMMENT = V8 JavaScript for clients and servers
-NODE_VERSION = v8.9.4
+NODE_VERSION = v8.11.0
PLEDGE_VER = 1.1.0
DISTFILES = node-pledge-{}${PLEDGE_VER}.tar.gz:0 ${DISTNAME}.tar.gz
Index: distinfo
===================================================================
RCS file: /cvs/ports/lang/node/distinfo,v
retrieving revision 1.45
diff -u -p -r1.45 distinfo
--- distinfo 10 Feb 2018 14:50:35 -0000 1.45
+++ distinfo 29 Mar 2018 21:24:16 -0000
@@ -1,4 +1,4 @@
SHA256 (node-pledge-1.1.0.tar.gz) = BuKnrXSkqpTb5Tfap1AHk+l7ucTJLEWbMFNbgQkNBsw=
-SHA256 (node-v8.9.4.tar.gz) = cptEsysvguzVvvrE91GN4MTjrdNOj+h490V0CmbLvAE=
+SHA256 (node-v8.11.0.tar.gz) = doOmdCWSmPxT3QIOIQ0GKq8CaYmA/ik8ZO0truE0ZqQ=
SIZE (node-pledge-1.1.0.tar.gz) = 2560
-SIZE (node-v8.9.4.tar.gz) = 31274938
+SIZE (node-v8.11.0.tar.gz) = 31029843
--
PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE
No comments:
Post a Comment