NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nodejs: security bump to version 6.11.1

Browse Source 
Fixes CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
is used for parsing NAPTR responses, could be triggered to read memory
outside of the given input buffer if the passed in DNS response packet was
crafted in a particular way.  This patch checks that there is enough data
for the required elements of an NAPTR record (2 int16, 3 bytes for string
lengths) before processing a record.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2017-07-13 23:26:31 +02:00
parent 78ec7c6592
commit 3065f3cf39
5 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
package/nodejs/6.11.0/0001-gyp-force-link-command-to-use-CXX.patch → package/nodejs/6.11.1/0001-gyp-force-link-command-to-use-CXX.patch
View File

0
package/nodejs/6.11.0/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch → package/nodejs/6.11.1/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch
View File

0
package/nodejs/6.11.0/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch → package/nodejs/6.11.1/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch
View File

2
package/nodejs/Config.in
View File

@ -43,7 +43,7 @@ config BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
config BR2_PACKAGE_NODEJS_VERSION_STRING
string
default "6.11.0" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
default "6.11.1" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS
default "0.10.48"
config BR2_PACKAGE_NODEJS_NPM

4
package/nodejs/nodejs.hash
View File

@ -1,5 +1,5 @@
# From upstream URL: http://nodejs.org/dist/v0.10.48/SHASUMS256.txt
sha256 365a93d9acc076a0d93f087d269f376abeebccad599a9dab72f2f6ed96c8ae6e node-v0.10.48.tar.xz
# From upstream URL: http://nodejs.org/dist/v6.11.0/SHASUMS256.txt
sha256 02ba35391edea2b294c736489af01954ce6e6c39d318f4423ae6617c69ef0a51 node-v6.11.0.tar.xz
# From upstream URL: http://nodejs.org/dist/v6.11.1/SHASUMS256.txt
sha256 6f6655b85919aa54cb045a6d69a226849802fcc26491d0db4ce59873e41cc2b8 node-v6.11.1.tar.xz