From ee855209425aaa882887a498c9e2c279bf79ba7c Mon Sep 17 00:00:00 2001 From: "T.C. Hollingsworth" Date: Tue, 18 Nov 2014 18:22:09 -0700 Subject: [PATCH] new upstream release 0.10.33 http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/ - This release disables SSLv3 to secure Node.js services against the POODLE attack. (CVE-2014-3566; RHBZ#1152789) For more information or to learn how to re-enable SSLv3 in order to support legacy clients, please see the upstream release announcement linked above. --- nodejs-revert-utf8-v8.patch | 9 +++++---- nodejs.spec | 12 ++++++++++-- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/nodejs-revert-utf8-v8.patch b/nodejs-revert-utf8-v8.patch index f617cf3..6b16de6 100644 --- a/nodejs-revert-utf8-v8.patch +++ b/nodejs-revert-utf8-v8.patch @@ -15,17 +15,18 @@ diff --git a/src/node.cc b/src/node.cc index 4223973..e9696cd 100644 --- a/src/node.cc +++ b/src/node.cc -@@ -178,8 +178,6 @@ static uv_async_t dispatch_debug_messages_async; +@@ -180,9 +180,6 @@ static uv_async_t dispatch_debug_messages_async; // Declared in node_internals.h Isolate* node_isolate = NULL; -int WRITE_UTF8_FLAGS = v8::String::HINT_MANY_WRITES_EXPECTED | - v8::String::NO_NULL_TERMINATION; - +- static void Spin(uv_idle_t* handle, int status) { assert((uv_idle_t*) handle == &tick_spinner); -@@ -3046,11 +3044,6 @@ static char **copy_argv(int argc, char **argv) { - } + assert(status == 0); +@@ -3077,11 +3074,6 @@ static char **copy_argv(int argc, char **argv) { + int Start(int argc, char *argv[]) { - const char* replaceInvalid = getenv("NODE_INVALID_UTF8"); diff --git a/nodejs.spec b/nodejs.spec index 17e3b8e..6dcd469 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,6 @@ Name: nodejs -Version: 0.10.32 -Release: 2%{?dist} +Version: 0.10.33 +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -179,6 +179,14 @@ cp -p common.gypi %{buildroot}%{_datadir}/node %{_defaultdocdir}/%{name}-docs-%{version} %changelog +* Wed Nov 19 2014 T.C. Hollingsworth - 0.10.33-1 +- new upstream release 0.10.33 + http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/ +- This release disables SSLv3 to secure Node.js services against the POODLE + attack. (CVE-2014-3566; RHBZ#1152789) For more information or to learn how + to re-enable SSLv3 in order to support legacy clients, please see the upstream + release announcement linked above. + * Tue Oct 21 2014 T.C. Hollingsworth - 0.10.32-2 - add Provides nodejs-punycode (RHBZ#1151811)