SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nodejs10-devel-10.4.1-4.1.x86_64.rpm :

* Wed Jun 13 2018 adam.majerAATTsuse.de- New upstream release 10.4.1:
* Fixes memory exhaustion DoS: Fixes a bug that increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream (CVE-2018-7164, bsc#1097537)
* http2: + Fixes Denial of Service vulnerability by updating the http2 implementation to not crash under certain circumstances during cleanup (CVE-2018-7161, bsc#1097404) + Unbundled nghttp2 to fix Denial of Service vulnerability (CVE-2018-1000168, bsc#1097401)
* tls: Fixes Denial of Service vulnerability by updating the TLS implementation to not crash upon receiving (CVE-2018-7162, bsc#1097538)
* Mon Jun 11 2018 adam.majerAATTsuse.de- New upstream release 10.4.0:
* deps: update V8 to 6.7.288.43
* stream: ensure Stream.pipeline re-throws errors without callback- Changes in version 10.3.0:
* deps: upgrade npm to 6.1.0
* fs: fix reads with pos > 4GB
* net: new option to allow IPC servers to be readable and writable by all users
* stream: fix removeAllListeners() for Stream.Readable to work as expected when no arguments are passed npm_search_paths.patch: no longer override explicitly prefixed etc/ versioned.patch, env_shebang.patch: refreshed
* Thu May 24 2018 adam.majerAATTsuse.de- New upstream release 10.2.0:
* addons: Fixed a memory leak for users of AsyncResource and N-API.
* assert: The error parameter of assert.throws() can now be an object containing regular expressions.
* crypto: The authTagLength option has been made more flexible.
* esm: Builtin modules now provide named exports in ES6 modules.
* http: Handling of close and aborted events has been made more consistent.
* module: add --preserve-symlinks-main
* timers: timeout.refresh() has been added to the public API.- fix_ci_tests.patch: refreshed- versioned.patch: refreshed
* Wed May 23 2018 adam.majerAATTsuse.de- use gcc7 for SLE12- versioned.patch: set node version in environment to 10- manual_configure.patch: configure nghttp2 correctly- icu_small_grouping.patch: prevents undefined behaviour possibility
* Fri May 11 2018 adam.majerAATTsuse.de- New upstream release 10.1.0:
* console: make console.table() use colored inspect
* fs: move fs/promises to fs.promises
* http: added aborted property to request
* n-api: initialize a module via a special symbol
* src: add public API to expose the main V8 Platform- Changes in version 10.0.0:
* Assert: + Calling assert.fail() with more than one argument is deprecated. + Calling assert.ok() with no arguments will now throw. + Calling assert.ifError() will now throw with any argument other than undefined or null. Previously the method would throw with any truthy value.
* Async_hooks: + Older experimental async_hooks APIs have been removed.
* Buffer: + Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning. + Buffer.isEncoding() now returns undefined for falsy values, including an empty string. + Buffer.fill() will throw if an attempt is made to fill with an empty Buffer.
* Child Process: Undefined properties of env are ignored.
* console: console.table() method has been added.
* crypto: + The crypto.createCipher() and crypto.createDecipher() methods have been deprecated. Please use crypto.createCipheriv() and crypto.createDecipheriv() instead. + The decipher.finaltol() method has been deprecated. + The crypto.DEFAULT_ENCODING property has been deprecated. + The ECDH.convertKey() method has been added. + The crypto.fips property has been deprecated.
* deps: + V8 has been updated to 6.6 + npm upgraded to 5.8.0
* EventEmitter: + The EventEmitter.prototype.off() method has been added as an alias for EventEmitter.prototype.removeListener().
* File System: + The fs/promises API provides experimental promisified versions of the fs functions. + Invalid path errors are now thrown synchronously. + fs.readFile() method now partitions reads to avoid thread pool exhaustion.
* http: + Processing of HTTP Status codes 100, 102-199 has been improved. + Multi-byte characters in URL paths are now forbidden.
* N-API: The n-api is no longer experimental.
* net: The \'close\' event will be emitted after \'end\'.
* perf_hooks: + The PerformanceObserver class is now an AsyncResource and can be monitored using async_hooks. + Trace events are now emitted for performance events. + The performance API has been simplified. + Performance milestone marks will be emitted as trace events.
* process: + Using non-string values for process.env is deprecated. + The process.assert() method is deprecated.
* repl: + REPL now experimentally supports top-level await when using the --experimental-repl-await flag. + The previously deprecated \"magic mode\" has been removed. + The previously deprecated NODE_REPL_HISTORY_FILE environment variable has been removed. + Proxy objects are shown as Proxy objects when inspected.
* streams: + The \'readable\' event is now always deferred with nextTick. + A new pipeline() method has been provided for building end-to-data stream pipelines. + support for async for-await has been added to stream.Readable
* timers: The enroll() and unenroll() methods have been deprecated
* tls: + The tls.convertNPNProtocols() method has been deprecated. + Support for NPN (next protocol negotiation) has been dropped. + The ecdhCurve default is now \'auto\'.
* Trace Events: + A new trace_events top-level module allows trace event categories to be enabled/disabled at runtime.
* URL: The WHATWG URL API is now a global.
* Util: + util.types.is[…] type checks have been added. + Support for bigint formatting has been added to util.inspect().- OpenSSL 1.1.0+ is required.- versioned.patch: rebased
* Wed Apr 18 2018 adam.majerAATTsuse.de- New upstream release 9.11.1:
* deps: Updated ICU to 61.1
* fs: Emit \'ready\' event for ReadStream and WriteStream
* n-api: Bump version of n-api supported to 3
* net: Emit \'ready\' event for Socket- versioned.patch, nodejs-libpath.patch: refreshed
* Thu Apr 05 2018 adam.majerAATTsuse.de- Install license with %license, not %doc (bsc#1082318)
* Wed Apr 04 2018 adam.majerAATTsuse.de- Fix some node-gyp permissions
* Tue Apr 03 2018 adam.majerAATTsuse.de- New upstream release 9.10.1:
* Security fixes: + Fix for inspector DNS rebinding vulnerability (bsc#1087463, CVE-2018-7160) + Fix for \'path\' module regular expression denial of service (bsc#1087459, CVE-2018-7158) + Reject spaces in HTTP Content-Length header values (bsc#1087453, CVE-2018-7159)
* cluster: Add support for NODE_OPTIONS=\"--inspect\"
* crypto: Expose the public key of a certificate
* n-api: Add napi_fatal_exception to trigger an uncaughtException in JavaScript
* path: Fix regression in posix.normalize
* stream: Improve stream creation performance
* update bundled OpenSSL for codestreams older than SLE12:SP2
* Thu Mar 22 2018 adam.majerAATTsuse.de- New upstream release 9.9.0:
* assert: From now on all error messages produced by assert in strict mode will produce a error diff.
* crypto: allow passing null as IV unless required
* fs: support as and as+ flags in stringToFlags()
* tls: expose Finished messages in TLSSocket
* tty: Add getColorDepth function to determine if terminal supports colors.
* util: add util.inspect compact option- Changes in version 9.8.0:
* crypto: add cert.fingerprint256 as SHA256 fingerprint
* http2: Fixed issues with aborted connections
* loader: --inspect-brk now works properly for esmodules
* src: make process.dlopen() load well-known symbol
* trace_events: add file pattern cli option- remove any old manpage files in %pre from before update-alternatives were used to manage symlinks to these manpages.
* Fri Mar 02 2018 adam.majerAATTsuse.de- New upstream release 9.7.1/9.7.0:
* deps: libuv updated to 1.19.2
* src: Add initial support for Node.js-specific post-mortem metadata
* timers: return value of setImmediate() now has ref() and unref()
* util: platform-specific error codes now have string representation- Changes in version 9.6.0:
* async_hooks: + deprecate unsafe emit{Before,After} + rename PromiseWrap.parentId to PromiseWrap.isChainedPromise
* deps: + update node-inspect to 1.11.3 + ICU 60.2 bump + Introduce ScriptOrModule and HostDefinedOptions to V8
* http: add options to http.createServer() for IncomingMessage and ServerReponse
* http2: add http fallback options to .createServer
* https: Adds the remaining options from tls.createSecureContext() to the string generated by Agent#getName(). This allows https.request() to accept the options and generate unique sockets appropriately.
* inspector: --inspect-brk for es modules
* lib: allow process kill by signal number
* module: enable dynamic import
* n-api: add methods to open/close callback scope
* src: allow --perf-(basic-)?prof in NODE_OPTIONS
* vm: add support for es modules- gyp_to_python3.patch: attempt to add support for python3.- fix_ci_tests.patch, versioned.patch: refreshed
* Tue Feb 13 2018 adam.majerAATTsuse.de- Add Recommends and BuildRequire on python2 for npm. node-gyp requires this old version of python for now. This is only needed for binary modules.
* Wed Feb 07 2018 adam.majerAATTsuse.de- Fix spec file typo- Use gcc7 on Leap 42.3
* Thu Feb 01 2018 adam.majerAATTsuse.de- New upstream release 9.5.0:
* cluster: add cwd to cluster.settings
* deps: libuv upgraded to 1.19.1
* n-api: expose n-api version in proces.versions
* perf_hooks: add performance.clear()
* stream: avoid writeAfterEnd()- Changes in release 9.4.0:
* async_hooks: deprecate AsyncHooks Sensitive API and runInAsyncIdScope. Neither was documented.
* deps: + upgrade nghttp2 to 1.29.0 + upgrade npm to 5.6.0
* http2: + implement maxSessionMemory + add initial support for originSet + add altsvc support + perf_hooks integration
* net: remove Socket.prototype.listen
* repl: show lexically scoped vars in tab completion
* stream: + remove writeableState.length and readableState.length + add flow and buffer properties to streams
* util: allow windcards in NODE_DEBUG variable
* zlib: add ArrayBuffer support
* Tue Jan 30 2018 roAATTsuse.de- even on recent codestreams there is no binutils gold on s390 only on s390x
* Wed Jan 10 2018 adam.majerAATTsuse.de- nodejs-sle11-python26-check_output.patch: refreshed
* Fri Dec 22 2017 adam.majerAATTsuse.de- Enable CI tests in %check target + fix_ci_tests.patch: - DNS queries in buildroots are failing with EAI_AGAIN - disable test-module-loading-globalpaths.js - we have hardcoded global paths + versioned.patch: call versioned node binary for tests- node-gyp-addon-gypi.patch: fix typo allowing unit tests to compile
* Fri Dec 15 2017 adam.majerAATTsuse.de- New upstream release 9.3.0:
* async_hooks: + add trace events to async_hooks + add provider types for net server
* console: console.debug can now be used outside of the inspector
* deps: + upgrade libuv to 1.18.0 + patch V8 to 6.2.414.46
* module.builtinModules will return a list of built in modules
* n-api: add helper for addons to get the event loop
* process: + process.setUncaughtExceptionCaptureCallback can now be used to customize behavior for --abort-on-uncaught-exception + A signal handler is now able to receive the signal code that triggered the handler.
* stream: writable.writableHighWaterMark and readable.readableHighWaterMark will return the values the stream object with which it was instantiated.- Dropped 8334.diff - no longer needed
* Sat Dec 09 2017 qantas94heavyAATTgmail.com- New upstream release 9.2.1:
* buffer: buffers allocated with an invalid content will now be zero filled [ CVE-2017-15897 ]
* deps/openssl: updated to 1.0.2n (only applies to SLE 12 SP1 and lower) (bsc#1072322) [ CVE-2017-3738 CVE-2017-15896 ]- Remove unnecessary curl BuildRequires- Enable gold linker on s390x (TW and SLE/Leap 15)- Build with bundled ICU if system ICU not available (only applies to SLE 11/12 and Leap 42.x)
* Wed Nov 29 2017 qantas94heavyAATTgmail.com- Change BuildRequires from openssl-devel to libopenssl-1_0_0-devel due to Tumbleweed/Leap 15 change to OpenSSL 1.1.0 as default
* Thu Nov 16 2017 adam.majerAATTsuse.de- Update nodejs.keyring based on current Release Team as found on https://github.com/nodejs/node#release-team- New upstream version 9.2.0
* crypto: Support building with both OpenSSL 1.1.0
* fs: fs.realpathSync.native and fs.realpath.native are now exposed
* process: expose process.ppid
* Mon Nov 13 2017 adam.majerAATTsuse.de- Fix permissions of node-gyp. This should be executable to allow building of binary node modules.
* Fri Nov 10 2017 adam.majerAATTsuse.de- New upstream version 9.1.0
* cli: NODE_OPTIONS now supports the --stack-trace-limit option.
* http: + A \'connect\' event handler leak has been fixed. + The 103 Early Hints status code is now supported.- Changes in upstream version 9.0.0
* async: Older experimental APIs have been removed.
* errors: The assignment of static error codes to Node.js errors
* child_processes: Errors are emitted on process nextTick.
* domains: The long-deprecated .dispose() method has been removed
* fs: + fs.ReadStream and fs.WriteStream classes now use destroy(). + module callbacks are now invoked with an undefined context.
* HTTP/1: + 400 Bad Request response will now be sent when parsing fails. + Socket timeout will be set when the socket connects. + A bug causing the request \'error\' event to fire twice is fixed. + HTTP clients may now use generic Duplex streams in addition to net.Socket.
* intl: The deprecated Intl.v8BreakIterator has been removed.
* os: The os.EOL property is now read-only
* timers: setTimeout() will emit a warning if the timeout is larger that the maximum 32-bit unsigned integer.- .changes file trimmed to only include changes relative to 9.x line. If you would like to see older changes, please see nodejs8 package.- icu59.patch 0f3e69db.patch: removed empty patches
  
ICM