| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: nodejs14-devel | Distribution: SUSE Linux Enterprise 15 |
| Version: 14.16.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 5.9.1 | Build date: Wed Feb 24 11:58:15 2021 |
| Group: Development/Languages/NodeJS | Build host: mourvedre |
| Size: 947115 | Source RPM: nodejs14-14.16.0-5.9.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://nodejs.org | |
| Summary: Development headers for NodeJS 14.x | |
This package provides development headers for Node.js needed for creation of binary modules.
MIT
* Tue Feb 23 2021 adam.majer@suse.de
- New upstream LTS version 14.16.0:
* CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service
by resource exhaustion (bsc#1182619)
* CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620)
* Wed Feb 17 2021 adam.majer@suse.de
- New upstream LTS version 14.15.5:
* deps:
+ upgrade npm to 6.14.11
+ V8: backport dfcf1e86fac0 #37245
Note: Node.js is not believed to be vulnerable to CVE-2021-21148
* stream,zlib: do not use _stream_* anymore
- relax OpenSSL cipher suite policies for unit tests
* Mon Jan 04 2021 adam.majer@suse.de
- New upstream LTS version 14.15.4:
* CVE-2020-8265: use-after-free in TLSWrap (High) bug in TLS
implementation. When writing to a TLS enabled socket,
node::StreamBase::Write calls node::TLSWrap::DoWrite with
a freshly allocated WriteWrap object as first argument.
If the DoWrite method does not return an error, this object is
passed back to the caller as part of a StreamWriteResult structure.
This may be exploited to corrupt memory leading to a
Denial of Service or potentially other exploits (bsc#1180553)
* CVE-2020-8287: HTTP Request Smuggling allow two copies of a
header field in a http request. For example, two Transfer-Encoding
header fields. In this case Node.js identifies the first header
field and ignores the second. This can lead to HTTP Request
Smuggling (https://cwe.mitre.org/data/definitions/444.html).
(bsc#1180554)
* Mon Dec 21 2020 adam.majer@suse.de
- New upstream LTS version 14.15.3:
* deps:
+ upgrade npm to 6.14.9
+ update acorn to v8.0.4
* http2: check write not scheduled in scope destructor
* stream: fix regression on duplex end
- versioned.patch, sle12_python3_compat.patch: refreshed
* Mon Nov 30 2020 adam.majer@suse.de
- openssl_binary_detection.patch: fixes unit tests on SLE12
* Mon Nov 23 2020 adam.majer@suse.de
- Update Requires: so -devel requires npm
- Rely on rpmbuild to define necessary python dependencies
* Thu Nov 19 2020 adam.majer@suse.de
- New upstream LTS version 14.15.1:
* deps: Denial of Service through DNS request (High).
A Node.js application that allows an attacker to trigger a DNS
request for a host of their choice could trigger a Denial of Service
by getting the application to resolve a DNS record with
a larger number of responses (bsc#1178882, CVE-2020-8277)
* Thu Oct 29 2020 adam.majer@suse.de
- Update to LTS version 14.15.0: (jsc#SLE-15774)
* no major changes
* test: reverts marking test-webcrypto-encrypt-decrypt-aes flaky
* Tue Oct 20 2020 adam.majer@suse.de
- Use SLE OpenSSL version with 12-SP4+, and not just 12-SP5+
- Bump mininum ICU version to 65
* Fri Oct 16 2020 adam.majer@suse.de
- Update to version 14.14.0:
* fs: add rm method
* http: allow passing array of key/val into writeHead
* src: expose v8::Isolate setup callbacks
- sle12_python3_compat.patch: refreshed
* Thu Oct 08 2020 adam.majer@suse.de
- Update to version 14.13.1:
* fs: rmdir recursive is no longer considered experimental
- fix_ci_tests.patch: add support to SUSE's ECDH backport errors
in SLE's openssl
* Tue Oct 06 2020 adam.majer@suse.de
- Update to version 14.13.0:
* deps: upgrade to libuv 1.40.0 #35333
* module: named exports for CJS via static analysis #35249
* module: exports pattern support #34718
* src: allow N-API addon in AddLinkedBinding()
* Thu Sep 24 2020 adam.majer@suse.de
- Update to version 14.12.0:
* n-api:
+ create N-API version 7
+ add more property defaults
- Changes since version 14.9.0
* deps:
+ update llhttp to 2.1.2 (bsc#1176605, CVE-2020-8201)
+ http: add requestTimeout. Fixes Denial of Service by
resource exhaustion due to unfinished HTTP/1.1 requests
(bsc#1176604, CVE-2020-8251)
+ buffer: also alias BigUInt methods
+ crypto: add randomInt function
+ perf_hooks: add idleTime and event loop util
+ stream: simpler and faster Readable async iterator
+ stream: save error in state
* Wed Sep 02 2020 adam.majer@suse.de
- old_icu.patch: re-add support for ICU 65 from SLE15 SP2
- fix_ci_tests.patch: move debug symbol strip for testing to the Makefile
* Fri Aug 28 2020 adam.majer@suse.de
- Update to version 14.9.0:
* build: set --v8-enable-object-print by default (Mary Marchini) #34705
* deps:
+ upgrade to libuv 1.39.0 (cjihrig) #34915
+ upgrade npm to 6.14.8 (Ruy Adorno) #34834
+ V8: cherry-pick e06ace6b5cdb (Anna Henningsen) #34673
* n-api: handle weak no-finalizer refs correctly (Gabriel Schulhof) #34839
* tools: add debug entitlements for macOS 10.15+ (Gabriele Greco) #34378
- Changes in version 14.8.0:
* async_hooks: add AsyncResource.bind utility (James M Snell) #34574
* deps: update to uvwasi 0.0.10 (Colin Ihrig) #34623
* module: unflag Top-Level Await (Myles Borins) #34558
* n-api: support type-tagging objects (Gabriel Schulhof) #28237
* n-api,src: provide asynchronous cleanup hooks (Anna Henningsen) #34572
- versioned.patch: refreshed
- linker_lto_jobs.patch: refreshed
* Mon Aug 10 2020 adam.majer@suse.de
- Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation
on Aarch64 with gcc10 (bsc#1172686)
* Mon Aug 03 2020 adam.majer@suse.de
- Update to version 14.7.0:
* deps: upgrade npm to 6.14.7
* dgram: add IPv6 scope id suffix to received udp6 dgrams
* src:
+ allow preventing SetPromiseRejectCallback #34387
+ allow setting a dir for all diagnostic output #33584
* worker: make MessagePort inherit from EventTarget #34057
* zlib: switch to lazy init for zlib streams (Andrey Pechkurov) #34048
* Tue Jul 28 2020 dmueller@suse.com
- avoid rpmbuild warnings on if/else/endif constructs
* Wed Jul 22 2020 adam.majer@suse.de
- Update to version 14.6.0:
* deps:
+ upgrade to libuv 1.38.1
+ upgrade npm to 6.14.6 fixing information leak through
log files (bsc#1173937, CVE-2020-15095)
+ update V8 to 8.4.371.19
* module:
+ doc only deprecation of module.parent
+ package "imports" field
* src: allow embedders to disable esm loader
* tls: make 'createSecureContext' honor more options
* vm: add run-after-evaluate microtask mode
* worker: add option to track unmanaged file descriptors
- versioned.patch - refreshed
* Thu Jul 02 2020 adam.majer@suse.de
- Update to version 14.5.0:
* deps: V8 engine is updated to version 8.3. For details, see
https://v8.dev/blog/v8-release-83
* events: experimental implementation of EventTarget
For details, see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14.5.0
- sle12_python3_compat.patch: refreshed
- fix_ci_tests.patch: refreshed
* Tue Jun 09 2020 adam.majer@suse.de
- Add Require for nodejs14 when intalling npm14. (bsc#1172728)
* Thu Jun 04 2020 adam.majer@suse.de
- Update to version 14.4.0:
* napi: fix various types of memory corruption in napi_get_value_string_*()
(CVE-2020-8174, bsc#1172443)
* http2: fix HTTP/2 Large Settings Frame DoS
(CVE-2020-11080, bsc#1172442)
* TLS session reuse can lead to host certificate verification bypass
(CVE-2020-8172, bsc#1172441)
* Fri May 29 2020 adam.majer@suse.de
- Update to version 14.3.0:
* repl: previews improvements with autocompletion
* it's now possible to use the await keyword outside of async functions,
with the --experimental-top-level-await flag
- Changes in version 14.2.0:
* console: Support for console constructor groupIndentation options
- skip_no_console.patch: refreshed
- versioned.patch, fix_ci_tests.patch: refreshed
* Thu Apr 30 2020 adam.majer@suse.de
- Update to version 14.1.0:
* deps: upgrade openssl sources to 1.1.1g (SLE-12 only)
* http: doc deprecate abort and improve docs
* module: do not warn when accessing __esModule of unfinished exports
* n-api: detect deadlocks in thread-safe function
* src: deprecate embedder APIs with replacements
* stream:
+ don't emit end after close
+ don't wait for close on legacy streams
+ pipeline should only destroy un-finished streams
* vm: add importModuleDynamically option to compileFunction
skip_no_console.patch: add more unit tests that fail on dumb terminals
* Mon Apr 27 2020 adam.majer@suse.de
- Initial version 14.0.0
Deprecations
* crypto: move pbkdf2 without digest to EOL
* fs: deprecate closing FileHandle on garbage collection
* http: move OutboundMessage.prototype.flush to EOL
* lib: move GLOBAL and root aliases to EOL
* os: move tmpDir() to EOL
* src: remove deprecated wasm type check
* stream: move _writableState.buffer to EOL
* doc: deprecate process.mainModule
* doc: deprecate process.umask() with no arguments
For a detailed list of changes, see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14.0.0
/usr/include/node14 /usr/include/node14/common.gypi /usr/include/node14/config.gypi /usr/include/node14/cppgc /usr/include/node14/cppgc/allocation.h /usr/include/node14/cppgc/common.h /usr/include/node14/cppgc/custom-space.h /usr/include/node14/cppgc/garbage-collected.h /usr/include/node14/cppgc/heap.h /usr/include/node14/cppgc/internal /usr/include/node14/cppgc/internal/accessors.h /usr/include/node14/cppgc/internal/api-constants.h /usr/include/node14/cppgc/internal/compiler-specific.h /usr/include/node14/cppgc/internal/finalizer-trait.h /usr/include/node14/cppgc/internal/gc-info.h /usr/include/node14/cppgc/internal/logging.h /usr/include/node14/cppgc/internal/persistent-node.h /usr/include/node14/cppgc/internal/pointer-policies.h /usr/include/node14/cppgc/internal/prefinalizer-handler.h /usr/include/node14/cppgc/liveness-broker.h /usr/include/node14/cppgc/macros.h /usr/include/node14/cppgc/member.h /usr/include/node14/cppgc/persistent.h /usr/include/node14/cppgc/platform.h /usr/include/node14/cppgc/prefinalizer.h /usr/include/node14/cppgc/source-location.h /usr/include/node14/cppgc/trace-trait.h /usr/include/node14/cppgc/type-traits.h /usr/include/node14/cppgc/visitor.h /usr/include/node14/js_native_api.h /usr/include/node14/js_native_api_types.h /usr/include/node14/libplatform /usr/include/node14/libplatform/libplatform-export.h /usr/include/node14/libplatform/libplatform.h /usr/include/node14/libplatform/v8-tracing.h /usr/include/node14/node.h /usr/include/node14/node_api.h /usr/include/node14/node_api_types.h /usr/include/node14/node_buffer.h /usr/include/node14/node_object_wrap.h /usr/include/node14/node_version.h /usr/include/node14/uv /usr/include/node14/uv.h /usr/include/node14/uv/aix.h /usr/include/node14/uv/android-ifaddrs.h /usr/include/node14/uv/bsd.h /usr/include/node14/uv/darwin.h /usr/include/node14/uv/errno.h /usr/include/node14/uv/linux.h /usr/include/node14/uv/os390.h /usr/include/node14/uv/posix.h /usr/include/node14/uv/stdint-msvc2008.h /usr/include/node14/uv/sunos.h /usr/include/node14/uv/threadpool.h /usr/include/node14/uv/tree.h /usr/include/node14/uv/unix.h /usr/include/node14/uv/version.h /usr/include/node14/uv/win.h /usr/include/node14/v8-fast-api-calls.h /usr/include/node14/v8-internal.h /usr/include/node14/v8-platform.h /usr/include/node14/v8-profiler.h /usr/include/node14/v8-util.h /usr/include/node14/v8-value-serializer-version.h /usr/include/node14/v8-version-string.h /usr/include/node14/v8-version.h /usr/include/node14/v8-wasm-trap-handler-posix.h /usr/include/node14/v8-wasm-trap-handler-win.h /usr/include/node14/v8.h /usr/include/node14/v8config.h /usr/share/systemtap /usr/share/systemtap/tapset /usr/share/systemtap/tapset/node14.stp
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 13:44:15 2024