godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-06 18:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

package/nodejs: security bump to version 8.11.3

Browse Source 
Fixes the following security issues:

- (CVE-2018-7167): Fixes Denial of Service vulnerability where calling
  Buffer.fill() could hang

- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating the
  http2 implementation to not crash under certain circumstances during
  cleanup

- (CVE-2018-1000168): Fixes Denial of Service vulnerability by upgrading
  nghttp2 to 1.32.0

See https://nodejs.org/en/blog/release/v8.11.3/ for more details

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Martin Bark
2018-06-16 23:44:08 +01:00
committed by Thomas Petazzoni
parent 88813806cb
commit 64baf3def7
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
package/nodejs/nodejs.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
NODEJS_VERSION = 8.11.2
NODEJS_VERSION = 8.11.3
NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
NODEJS_DEPENDENCIES = host-python host-nodejs c-ares \