Created attachment 167906 [details] patch to www/node from a git commit, apply with patch -p1 The latest upstream release contains security updates for recent OpenSSL CVEs and regression fixes. Patch attached. See also https://github.com/bradleythughes/freebsd-ports/commit/615adec664dc9c9bb8b2b19455f50ae2671ea12b
Created attachment 167907 [details] poudriere testport log Truncated poudriere testport log. I removed some of the make output from the log using: $ grep -vE '^ (cc|c\+\+)' node-5.7.1.log > node-5.7.1-truncated.log
Created attachment 167908 [details] portlint log portlint log from poudriere
Created attachment 168001 [details] patch to www/node from a git commit, apply with patch -p1 See also https://github.com/bradleythughes/freebsd-ports/commit/5326fdcc43dc1c9f7734022da97ef4e11a5957e9
Upstream just released 5.8.0. I've updated my patch to 5.8.0.
Created attachment 168002 [details] portlint log from poudriere
Created attachment 168003 [details] poudriere testport log Truncated poudriere testport log. I removed some of the make output from the log using: $ grep -vE '^ (cc|c\+\+)' node-5.8.0.log > node-5.8.0-truncated.log
Maintainer approved.
To whoever ends up committing this patch to the tree: I suggest updating to 5.7.1 first, adding an entry to security/vuxml, MFH'ing that and then updating to 5.8.0 only in head.
A commit references this bug: Author: feld Date: Mon Mar 14 16:46:12 UTC 2016 New revision: 411103 URL: https://svnweb.freebsd.org/changeset/ports/411103 Log: Document node vulnerabilities PR: 207832 Security: CVE-2016-0702 Security: CVE-2016-0705 Security: CVE-2016-0797 Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: feld Date: Mon Mar 14 16:47:54 UTC 2016 New revision: 411104 URL: https://svnweb.freebsd.org/changeset/ports/411104 Log: www/node: Update to 5.7.1 Changelog: https://github.com/nodejs/node/commit/805f054cc7791c447dbb960fbf3b179ea05294ac PR: 207832 Security: CVE-2016-0702 Security: CVE-2016-0705 Security: CVE-2016-0797 MFH: 2016Q1 Changes: head/www/node/Makefile head/www/node/distinfo
A commit references this bug: Author: feld Date: Mon Mar 14 16:53:30 UTC 2016 New revision: 411105 URL: https://svnweb.freebsd.org/changeset/ports/411105 Log: MFH: r406369 r407766 r408976 r409812 r410308 r411104 - Update to 5.4.1 Changes: https://github.com/nodejs/node/blob/master/CHANGELOG.md PR: 206222 Submitted by: Daniel Lin <linpct@gmail.com> (maintainer) Sponsored by: PortsCamp Taiwan - Update to 5.5.0 Changes: https://github.com/nodejs/node/blob/master/CHANGELOG.md PR: 206628 Submitted by: Daniel Lin <linpct@gmail.com> (maintainer) Update to 5.6.0. PR: 207203 Submitted by: maintainer Update to 5.7.0. PR: 207473 Submitted by: maintainer - Fix USES=python: it does not build with Python 3 Approved by: portmgr (blanket) With hat: python www/node: Update to 5.7.1 Changelog: https://github.com/nodejs/node/commit/805f054cc7791c447dbb960fbf3b179ea05294ac PR: 207832 Security: CVE-2016-0702 Security: CVE-2016-0705 Security: CVE-2016-0797 Approved by: ports-secteam (with hat) Changes: _U branches/2016Q1/ branches/2016Q1/www/node/Makefile branches/2016Q1/www/node/distinfo branches/2016Q1/www/node/pkg-plist
A commit references this bug: Author: feld Date: Mon Mar 14 17:02:59 UTC 2016 New revision: 411106 URL: https://svnweb.freebsd.org/changeset/ports/411106 Log: www/node: Update to 5.8.0 PR: 207832 Approved by: maintainer Changes: head/www/node/Makefile head/www/node/distinfo
Thanks, Mark and Brad :)