mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-04 06:10:16 +03:00
package/nodejs: security bump to version 8.11.3
Fixes the following security issues:
- (CVE-2018-7167): Fixes Denial of Service vulnerability where calling
Buffer.fill() could hang
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating the
http2 implementation to not crash under certain circumstances during
cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by upgrading
nghttp2 to 1.32.0
See https://nodejs.org/en/blog/release/v8.11.3/ for more details
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 64baf3def7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Martin Bark
committed by
Peter Korsgaard
Peter Korsgaard
parent
de685ea011
commit
ef5e8bc674
@@ -1,5 +1,5 @@
|
||||
# From http://nodejs.org/dist/v8.11.2/SHASUMS256.txt
|
||||
sha256 539946c0381809576bed07424a35fc1740d52f4bd56305d6278d9e76c88f4979 node-v8.11.2.tar.xz
|
||||
# From http://nodejs.org/dist/v8.11.3/SHASUMS256.txt
|
||||
sha256 577c751fdca91c46c60ffd8352e5b465881373bfdde212c17c3a3c1bd2616ee0 node-v8.11.3.tar.xz
|
||||
|
||||
# Hash for license file
|
||||
sha256 b87be6c1479ed977481115869c2dd8b6d59e5ea55aa09939d6c898242121b2f5 LICENSE
|
||||
|
||||
Reference in New Issue
Block a user