[ubuntu/cosmic-proposed] nodejs 8.11.2~dfsg-1ubuntu1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Wed Aug 15 18:14:19 UTC 2018
nodejs (8.11.2~dfsg-1ubuntu1) cosmic; urgency=medium
* SECURITY UPDATE: HTTP/2 DoS vulnerability
- debian/patches/CVE-2018-7161.patch: An attacker can cause a denial of
service (DoS) by causing a node server providing an http2 server to
crash by triggering a cleanup bug (use after free).
- CVE-2018-7161
* Fix test failures due to expired certificates
- debian/patches/regen-test-certs.patch: test: update certificates and
private keys.
Date: Thu, 09 Aug 2018 09:36:17 -0400
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/8.11.2~dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 09 Aug 2018 09:36:17 -0400
Source: nodejs
Binary: nodejs-dev nodejs nodejs-doc
Architecture: source
Version: 8.11.2~dfsg-1ubuntu1
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Description:
nodejs - evented I/O for V8 javascript
nodejs-dev - evented I/O for V8 javascript (development files)
nodejs-doc - API documentation for Node.js, the javascript platform
Changes:
nodejs (8.11.2~dfsg-1ubuntu1) cosmic; urgency=medium
.
* SECURITY UPDATE: HTTP/2 DoS vulnerability
- debian/patches/CVE-2018-7161.patch: An attacker can cause a denial of
service (DoS) by causing a node server providing an http2 server to
crash by triggering a cleanup bug (use after free).
- CVE-2018-7161
* Fix test failures due to expired certificates
- debian/patches/regen-test-certs.patch: test: update certificates and
private keys.
Checksums-Sha1:
98f36810e99543890e1b01574ad7cdd56ac4b38e 2928 nodejs_8.11.2~dfsg-1ubuntu1.dsc
9a710fb18eb58b3ef51a4cbae17210c3c14a6c40 124780 nodejs_8.11.2~dfsg-1ubuntu1.debian.tar.xz
1ace98d65ebf95cf7ecbcf928c5c949424d5227d 9924 nodejs_8.11.2~dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
69cbcdc7ab5b2f357becbaa8d75f9ce576a19356bb2431eb9d5e8308ee6abad6 2928 nodejs_8.11.2~dfsg-1ubuntu1.dsc
1a72444e85f4412036b4a4757340a33352ca319bbfd2743530d0f909dceeb31c 124780 nodejs_8.11.2~dfsg-1ubuntu1.debian.tar.xz
71f6db605b7344138d5f26441c4a1e6be141114022a41c8dc98a70b9dbcfb271 9924 nodejs_8.11.2~dfsg-1ubuntu1_source.buildinfo
Files:
1b2b4eeb1ee7c58f4cc2cbe0e897613e 2928 javascript optional nodejs_8.11.2~dfsg-1ubuntu1.dsc
99d1028a5932ab4b07fef8b3573155c4 124780 javascript optional nodejs_8.11.2~dfsg-1ubuntu1.debian.tar.xz
b15255af16ff96fef63806d6540b52ac 9924 javascript optional nodejs_8.11.2~dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlt0bSUACgkQZWnYVadE
vpN8mg/9ElahuFbuGR0Q6U6ZmVuL3gtpQJBukoRJvTXHiiuAVibOiGUx7U8OgPnX
M2znIKYvsFpHa6RREHBYxHHIj7uMXZixeQqdh2d94O90KU+ijjlWcSTVEfm7Z4b8
4JqCouL2H23RjSP1IGURTDHa6ZWBD2Z1Za0BxcrxbKQibeqnGzCwswj1JjTF6J1Y
5Tx4pWoFLmvhpEXuH3cfdN/fKbIiim7dnqnMbXOehncbHOJHy9OlqVkBGns0D2zP
42G11OQ3sgAxXNcnc7UCqDfJREThwfjYVzZin3D5L3/2mwe6cALT/C9H2VP3ytut
+JGqJeJpVt3JQbJjgU0tG4TLqgDL+F+182Q4KrgG7TTe3+G7iY69zY8ZPOZMNmwH
mpiaw9yEX9YJY0+L+jsIYsZSyA6nM2X4Dlfao/gSp1thjP6+YdS4k+6qhFkdjmyE
Wq52p8EMkcfjWIZujOaaKD5COEe5rF/6cm7VTNvp/ov7cjtO91cM381VwBqkCpuD
3mF/UycPwyQ8+2l74mwkrrcaPB7ydXbYVvsiD9EyC6vbOPQP2yV32uD+UJ24toXV
RwkYZWzZaiX6QBPWF4k/72jXniozcfYLnjBfRZIa1evpy0E4DxM4qzt18x27lqT3
sgloISScBItGsm7VvOW4pe2yGSBQ0KBBl6pmQSnZ8shuaFcpYeo=
=hdc8
-----END PGP SIGNATURE-----
More information about the Cosmic-changes
mailing list