Index: Makefile
===================================================================
RCS file: /cvs/ports/lang/node/Makefile,v
retrieving revision 1.121
diff -u -p -r1.121 Makefile
--- Makefile 15 May 2023 12:53:40 -0000 1.121
+++ Makefile 20 Jun 2023 21:35:58 -0000
@@ -5,12 +5,11 @@ USE_WXNEEDED = Yes
COMMENT = JavaScript runtime built on Chrome's V8 JavaScript engine
-NODE_VERSION = v18.16.0
+NODE_VERSION = v18.16.1
PLEDGE_VER = 1.1.3
DISTFILES = node-pledge-{}${PLEDGE_VER}.tar.gz:0 \
${DISTNAME}-headers.tar.gz \
${DISTNAME}.tar.xz
-REVISION = 0
DISTNAME = node-${NODE_VERSION}
PKGNAME = ${DISTNAME:S/v//g}
Index: distinfo
===================================================================
RCS file: /cvs/ports/lang/node/distinfo,v
retrieving revision 1.69
diff -u -p -r1.69 distinfo
--- distinfo 4 May 2023 12:25:23 -0000 1.69
+++ distinfo 20 Jun 2023 21:35:58 -0000
@@ -1,6 +1,6 @@
SHA256 (node-pledge-1.1.3.tar.gz) = fEaXvLg6hYEJ69K+mgQFizf8DiJY2/DtyFJB/pEanVU=
-SHA256 (node-v18.16.0-headers.tar.gz) = 7/63NhblKXki7YmhuU0mZDkAQKgxhFBMHMEwWwwMhT8=
-SHA256 (node-v18.16.0.tar.xz) = M9gaIz4jWlCa3aSk8iCQCNBFkZed5rPw9nwckGCT8Rg=
+SHA256 (node-v18.16.1-headers.tar.gz) = jHLwhhI3cxo+KSpL4rals8D1EUr+OjoCtfrTXXs7LMI=
+SHA256 (node-v18.16.1.tar.xz) = 6EBPjI2J/f336Vu7xgZr0OVxrLpY9USSWZthX77v4nI=
SIZE (node-pledge-1.1.3.tar.gz) = 3167
-SIZE (node-v18.16.0-headers.tar.gz) = 8569333
-SIZE (node-v18.16.0.tar.xz) = 40467860
+SIZE (node-v18.16.1-headers.tar.gz) = 8576395
+SIZE (node-v18.16.1.tar.xz) = 40462540
Index: patches/patch-lib_internal_modules_cjs_loader_js
===================================================================
RCS file: /cvs/ports/lang/node/patches/patch-lib_internal_modules_cjs_loader_js,v
retrieving revision 1.10
diff -u -p -r1.10 patch-lib_internal_modules_cjs_loader_js
--- patches/patch-lib_internal_modules_cjs_loader_js 19 Feb 2023 12:27:19 -0000 1.10
+++ patches/patch-lib_internal_modules_cjs_loader_js 20 Jun 2023 21:35:58 -0000
@@ -1,7 +1,7 @@
Index: lib/internal/modules/cjs/loader.js
--- lib/internal/modules/cjs/loader.js.orig
+++ lib/internal/modules/cjs/loader.js
-@@ -1389,7 +1389,10 @@ Module._initPaths = function() {
+@@ -1391,7 +1391,10 @@ Module._initPaths = function() {
path.resolve(process.execPath, '..') :
path.resolve(process.execPath, '..', '..');
node just released a security update, fixing:
CVE-2023-30581:
mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
CVE-2023-30588:
Process interuption due to invalid Public Key information in x509
certificates (Medium)
CVE-2023-30589:
HTTP Request Smuggling via Empty headers separated by CR (Medium)
CVE-2023-30590:
DiffieHellman does not generate keys after setting a private key (Medium)
Bundled OpenSSL and libcares were updated with fixed versions, which
is irrelevant for the port.
The remaining diff between 18.16.0 and 18.16.1 is very small and localized:
https://github.com/nodejs/node/compare/v18.16.0...v18.16.1
Built and tested on amd64, and looking at the changes I really don't see
how they would negatively impact any other platform.
ok?
No comments:
Post a Comment