| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: nodejs16 | Distribution: openSUSE Step 15 |
| Version: 16.18.1 | Vendor: openSUSE |
| Release: 3.13.1 | Build date: Tue Nov 15 22:21:37 2022 |
| Group: Development/Languages/NodeJS | Build host: armbuild25 |
| Size: 31767539 | Source RPM: nodejs16-16.18.1-3.13.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://nodejs.org | |
| Summary: Evented I/O for V8 JavaScript | |
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js uses an event-driven, non-blocking I/O model. Node.js has a package ecosystem provided by npm.
MIT
* Mon Nov 07 2022 adam.majer@suse.de
- Update to LTS versino 16.18.1:
* inspector: DNS rebinding in --inspect via invalid octal IP
(bsc#1205119, CVE-2022-43548)
* Thu Oct 13 2022 adam.majer@suse.de
- Update to LTS version 16.18.0:
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()
* deps: npm updated to 8.19.2
- nodejs-libpath.patch, fix_ci_tests.patch, versioned.patch: refreshed
- undici_5.8.1.patch, undici_5.8.2.patch: upstreamed and removed
- systemtap.patch: upstream regression
* Mon Sep 26 2022 adam.majer@suse.de
- Update to Nodejs 16.17.1:
* deps: llhttp updated to 6.0.9
+ CVE-2022-32213 bypass via obs-fold mechanic (bsc#1201325)
+ Incorrect Parsing of Multi-line Transfer-Encoding
(CVE-2022-32215, bsc#1201327)
+ Incorrect Parsing of Header Fields (CVE-2022-35256, bsc#1203832)
* crypto: fix weak randomness in WebCrypto keygen
(CVE-2022-35255, bsc#1203831)
* Sat Sep 17 2022 brunopitrus@hotmail.com
- Skip test-fs-utimes-y2K38.js on armv6hl as well as armv7hl.
* Thu Aug 25 2022 adam.majer@suse.de
- undici_5.8.1.patch, undici_5.8.2.patch: update undici to 5.8.2
(bsc#1202382, CVE-2022-35949, bsc#1202383, CVE-2022-35948)
* Tue Aug 16 2022 adam.majer@suse.de
- enable crypto-policies for SLE15 SP4+ and TW (bsc#1200303)
- Update to LTS version 16.17.0:
* deps: upgrade npm to 8.15.0
* Improved interoperability of the Web Crypto API
* Updated Undici to 5.8.0 (bsc#1201710, CVE-2022-31150)
For full list of changes, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V16.md#16.17.0
- nodejs-libpath.patch, versioned.patch: refreshed patches
* Mon Jul 11 2022 adam.majer@suse.de
- Update to LTS version 16.16.0:
* http: stricter Transfer-Encoding and header separator parsing
(bsc#1201325, bsc#1201326, bsc#1201327,
CVE-2022-32213, CVE-2022-32214, CVE-2022-32215)
* src: fix IPv4 validation in inspector_socket
(bsc#1201328, CVE-2022-32212)
* Thu Jun 23 2022 rpm@fthiessen.de
- Update to LTS version 16.15.1
* upgrade npm to 8.11.0 (bsc#1200517, CVE-2022-29244)
- Update to LTS version 16.15.0
* Add experimental support to the fetch API. This adds the
`--experimental-fetch` flag that installs the fetch, Request,
Response, Headers, and FormData globals.
* Broken x32 support is removed
* crypto: Add KeyObject.prototype.equals method
* esm: support https remotely and http locally under flag
* module: unflag esm jso
- rebased: nodejs-libpath.patch, npm_search_paths.patch, versioned.patch
* Wed Apr 13 2022 adam.majer@suse.de
- update to LTS release 16.14.2:
* deps: upgrade openssl sources to OpenSSL_1_1_1n
- fix_ci_tests.patch: refreshed
* Wed Mar 16 2022 adam.majer@suse.de
- update to LTS release 16.14.1:
* deps: upgrade npm to 8.5.0
* http2: fix memory leak on nghttp2 hd threshold
- 42342.patch: upstreamed, dropped
- versioned.patch: refreshed
* Tue Mar 15 2022 adam.majer@suse.de
- 42342.patch: fix expired certificates in unit tests
* Thu Feb 17 2022 adam.majer@suse.de
- update to LTS release 16.14.0:
* deps: upgrade npm to 8.1.4
* child_process: add support for URL to cp.fork
* fs: accept URL as argument for fs.rm and fs.rmSync
* lib:
+ make AbortSignal cloneable/transferable
+ add AbortSignal.timeout
+ add reason to AbortSignal
+ add unsubscribe method to non-active DC channels
* process: add getActiveResourcesInfo()
* src:
+ add x509.fingerprint512 to crypto module
+ add flags for controlling process behavior
* stream:
+ add map and filter methods to readable
+ deprecate thenable support
* timers: add experimental scheduler api
* util:
+ add numericSeparator to util.inspect
+ always visualize cause property in errors during inspection
+ pass through the inspect function to custom inspect functions
npm_search_paths.patch, versioned.patch: refreshed
* Fri Jan 28 2022 adam.majer@suse.de
- Add buildtime version check to determine if we need patched
openssl Requires: or already in upstream. (bsc#1192489)
* Tue Jan 18 2022 adam.majer@suse.de
- rsa-pss-revert.patch: dropped, since openssl updated with needed
functionality
* Tue Jan 11 2022 adam.majer@suse.de
- update to 16.13.2:
Security update fixing the following issues:
* Improper handling of URI Subject Alternative Names (Medium)
(CVE-2021-44531, bsc#1194511)
* Certificate Verification Bypass via String Injection (Medium)
(CVE-2021-44532, bsc#1194512)
* Incorrect handling of certificate subject and issuer fields (Medium)
(CVE-2021-44533, bsc#1194513)
* Prototype pollution via console.table properties (Low)
(CVE-2022-21824, bsc#1194514)
* Wed Jan 05 2022 adam.majer@suse.de
- fix_ci_tests.patch: fix tests on s390x
* Tue Jan 04 2022 adam.majer@suse.de
- rsa-pss-revert.patch: temporarily revert functionality requiring
newer openssl
* Tue Dec 07 2021 adam.majer@suse.de
- Update to 16.13.1:
* deps: upgrade npm to 8.1.2
* lib: fix regular expression to detect `/` and `\`
- 40670.patch: upstreamed
- fix_ci_tests.patch: refreshed
* Thu Nov 25 2021 guillaume.gardet@opensuse.org
- Fix CXXFLAGS in Tumbleweed - boo#1192824
* Tue Nov 09 2021 adam.majer@suse.de
- BR python 3.6+
* Sat Nov 06 2021 adam.majer@suse.de
- Update to 16.13.0:
* Experimental ESM Loader Hooks API
https://github.com/nodejs/node/pull/37468
* deps: upgrade npm to 8.1.0 (npm team)
* vm: add support for import assertions in dynamic imports
- Changes in 16.11.1:
* deps: update llhttp to 6.0.4
- HTTP Request Smuggling due to spaced in headers
(bsc#1191601, CVE-2021-22959)
- HTTP Request Smuggling when parsing the body
(bsc#1191602, CVE-2021-22960)
- Changes in 16.11.0:
* deps: update nghttp2 to v1.45.1
- Changes in 16.10.0:
* crypto: add rsa-pss keygen parameters
* fs: make open and close stream override optional when unused
* http: limit requests per connection
The maximum number of requests a socket can handle before closing
keep alive connection can be set with server.maxRequestsPerSocket.
* src: add --no-global-search-paths cli option
* stream: add signal support to pipeline generators
- Changes in 16.9.0:
* Added support for corepack
* crypto: add RSA-PSS params to asymmetricKeyDetails
* module: support pattern trailers
* stream: add stream.compose
- Changes in 16.8.0:
* doc: deprecate type coercion for dns.lookup options
* stream: add stream.Duplex.from utility and isDisturbed helper
* util: expose toUSVString
- Changes in 16.7.0:
* fs: experimental: add recursive cp method
- refreshed: fix_ci_tests.patch, flaky_test_rerun.patch,
nodejs-libpath.patch, sle12_python3_compat.patch,
versioned.patch, node_modules.tar.xz
* Tue Nov 02 2021 dimstar@opensuse.org
- Add 40670.patch: test: fix test-datetime-change-notify after
daylight change.
* Fri Oct 15 2021 mail@bernhard-voelker.de
- test-skip-y2038-on-32bit-time_t.patch: Add patch to skip the test
'test/parallel/test-fs-utimes-y2K38.js' which fails with a FP
on platforms with 32-bit time_t.
- nodejs16.spec: Reference it.
* Thu Aug 12 2021 adam.majer@suse.de
- Update to 16.6.2:
* CVE-2021-3672/CVE-2021-22931: Improper handling of untypical
characters in domain names (bsc#1189370, bsc#1188881)
* CVE-2021-22940: Use after free on close http2 on stream canceling
(bsc#1189368)
* CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter
(bsc#1189369)
* deps: upgrade npm to 7.20.3
* deps: revert ABI-breaking change from V8 9.2
* module: fix ERR_REQUIRE_ESM error for null frames
- cares_public_headers.patch: don't use private headers
* Mon Aug 02 2021 adam.majer@suse.de
- Update to 16.6.0:
http2: fixes use after free on close http2 on stream canceling
(bsc#1188917, CVE-2021-22930)
* Thu Jul 22 2021 adam.majer@suse.de
- legacy_python.patch: fix building with python 3.4 in SLE-12
* Wed Jul 21 2021 adam.majer@suse.de
- Update to 16.5.0:
* deps: upgrade npm to 7.19.1
* fs: allow empty string for temp directory prefix
* Node.js now exposes an experimental implementation of the
Web Streams API
* Fri Jul 02 2021 adam.majer@suse.de
- Update to 16.4.1:
deps: libuv upgrade - Out of bounds read (Medium)
(bsc#1187973, CVE-2021-22918)
* Thu Jul 01 2021 adam.majer@suse.de
- node-gyp_7.1.2.tar.xz: for SLE-12, use latest node-gyp that
is compatible with python 3.4
* Wed Jun 23 2021 adam.majer@suse.de
- Update to 16.4.0:
* async_hooks: stabilize part of AsyncLocalStorage
* deps:
+ upgrade npm to 7.18.1
+ update V8 to 9.1.269.36
* dns: allow --dns-result-order to change default dns verbatim
* Mon Jun 21 2021 asn@cryptomilk.org
- Allow building for Fedora in the OBS
* Fri Jun 04 2021 dmueller@suse.com
- update to 16.3.0:
* add -C alias for --conditions flag
* add workspaces support to npm install commands
* Mon May 31 2021 adam.majer@suse.de
- Use libalternatives instead of update-alternatives
* Thu May 20 2021 adam.majer@suse.de
- New upstream version 16.2.0:
* async_hooks: use new v8::Context PromiseHook API
* deps: npm updated to 7.13.0
* lib: support setting process.env.TZ on windows
* module: add support for URL to import.meta.resolve
* process: add 'worker' event
* util: add util.types.isKeyObject and util.types.isCryptoKey
* Wed May 05 2021 adam.majer@suse.de
- New upstream version 16.1.0
fs: allow no-params fsPromises fileHandle read
* Tue May 04 2021 adam.majer@suse.de
- New upstrean version 16.0.0:
For complete list of changes since 15.x, please see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.md#16.0.0
* Wed Mar 17 2021 adam.majer@suse.de
- Import staging 16.x
/etc/alternatives/node-default /etc/alternatives/node.1.gz /usr/bin/node-default /usr/bin/node16 /usr/lib/node_modules /usr/share/doc/packages/nodejs16 /usr/share/doc/packages/nodejs16/AUTHORS /usr/share/doc/packages/nodejs16/BUILDING.md /usr/share/doc/packages/nodejs16/CHANGELOG.md /usr/share/doc/packages/nodejs16/CODE_OF_CONDUCT.md /usr/share/doc/packages/nodejs16/CONTRIBUTING.md /usr/share/doc/packages/nodejs16/GOVERNANCE.md /usr/share/doc/packages/nodejs16/README.md /usr/share/doc/packages/nodejs16/SECURITY.md /usr/share/doc/packages/nodejs16/gdbinit /usr/share/doc/packages/nodejs16/glossary.md /usr/share/doc/packages/nodejs16/onboarding.md /usr/share/libalternatives /usr/share/libalternatives/node /usr/share/libalternatives/node/16.conf /usr/share/licenses/nodejs16 /usr/share/licenses/nodejs16/LICENSE /usr/share/man/man1/node.1.gz /usr/share/man/man1/node16.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Sep 9 18:42:18 2023