Bug 229038 - www/node8: Update to 8.11.3
Summary: www/node8: Update to 8.11.3
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Bradley T. Hughes
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-15 07:53 UTC by Pascal Christen
Modified: 2018-06-19 19:16 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (bhughes)


Attachments
Patch for Update (742 bytes, patch)
2018-06-15 07:53 UTC, Pascal Christen
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Pascal Christen 2018-06-15 07:53:47 UTC
Created attachment 194268 [details]
Patch for Update

Update node8 to 8.11.3 due to voulnerabilities marked as HIGH

https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
Comment 1 Bradley T. Hughes freebsd_committer 2018-06-15 07:57:08 UTC
Hi Pascal,

Thanks for the patch, I have builds running for Node.js 6.14.3, 8.11.3, and 10.4.1 to address the vulneratilities in the June security release announcement. I have already added vuxml entries for them, I will commit the changes once the builds are done. :)
Comment 2 Pascal Christen 2018-06-15 08:03:25 UTC
Hi Bradley,

Ok so I won't add patches for the other node ports. My node 8.11.3 built successfully. Thank you!
Comment 3 commit-hook freebsd_committer 2018-06-15 14:12:05 UTC
A commit references this bug:

Author: bhughes
Date: Fri Jun 15 14:11:08 UTC 2018
New revision: 472452
URL: https://svnweb.freebsd.org/changeset/ports/472452

Log:
  www/node8: Update 8.11.2 -> 8.11.3

  Update to the latest security release, fixing CVE-2018-7161,
  CVE-2018-7167, and CVE-2018-1000168.

  https://nodejs.org/en/blog/release/v8.11.3/
  https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/

  PR:		229038
  Submitted by:	Pascal Christen <pascal.christen@hostpoint.ch>
  MFH:		2018Q2
  Security:	45b8e2eb-7056-11e8-8fab-63ca6e0e13a2
  Sponsored by:	Miles AS

Changes:
  head/www/node8/Makefile
  head/www/node8/distinfo
Comment 4 commit-hook freebsd_committer 2018-06-15 21:09:36 UTC
A commit references this bug:

Author: bhughes
Date: Fri Jun 15 21:08:55 UTC 2018
New revision: 472490
URL: https://svnweb.freebsd.org/changeset/ports/472490

Log:
  MFH: r470576 r472452

  www/node8: Update 8.11.1_1 -> 8.11.2

  https://nodejs.org/en/blog/release/v8.11.2/

  www/node8: Update 8.11.2 -> 8.11.3

  Update to the latest security release, fixing CVE-2018-7161,
  CVE-2018-7167, and CVE-2018-1000168.

  https://nodejs.org/en/blog/release/v8.11.3/
  https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/

  PR:		229038
  Submitted by:	Pascal Christen <pascal.christen@hostpoint.ch>
  Security:	45b8e2eb-7056-11e8-8fab-63ca6e0e13a2
  Sponsored by:	Miles AS

  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2018Q2/
  branches/2018Q2/www/node8/Makefile
  branches/2018Q2/www/node8/distinfo