Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release proposal: v0.10.45 #6621

Merged
merged 9 commits into from
May 6, 2016
Merged

Release proposal: v0.10.45 #6621

merged 9 commits into from
May 6, 2016

Conversation

rvagg
Copy link
Member

@rvagg rvagg commented May 6, 2016

2016-05-06, Version 0.10.45 (Maintenance), @rvagg

Notable changes:

Shigeki Ohtsu and others added 8 commits May 5, 2016 21:48
This just replaces all sources of openssl-1.0.1t.tar.gz
into deps/openssl/openssl.

Fixes: #6458
PR-URL: #6553
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
All symlink files in `deps/openssl/openssl/include/openssl/`
are removed and replaced with real header files to avoid
issues on Windows.

Fixes: #6458
PR-URL: #6553
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
sha256-x86_64.pl does not exist in the origin openssl distribution. It
was copied from sha512-x86_64.pl and both sha256/sha512 scripts were
modified so as to generates only one asm file specified as its key
hash length.

PR: #9451
PR-URL: nodejs/node-v0.x-archive#9451
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>

PR: #25523
PR-URL: nodejs/node-v0.x-archive#25523
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>

PR: #25654
PR-URL: nodejs/node-v0.x-archive#25654
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and
perhaps others) are requiring .686 .

PR: #9451
PR-URL: nodejs/node-v0.x-archive#9451
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>

PR: #25523
PR-URL: nodejs/node-v0.x-archive#25523
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>

PR: #25654
PR-URL: nodejs/node-v0.x-archive#25654
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>
reapply b910613

PR: #9451
PR-URL: nodejs/node-v0.x-archive#9451
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>

PR: #25523
PR-URL: nodejs/node-v0.x-archive#25523
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>

PR: #25654
PR-URL: nodejs/node-v0.x-archive#25654
Reviewed-By: Julien Gilli <jgilli@fastmail.fm>
Regenerate asm files with Makefile without CC and ASM envs.

Fixes: #6458
PR-URL: #6553
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.

(cherry picked from commit 9f0f7c38e6df975dd39735d0e9ef968076369c74)

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: nodejs/node-v0.x-archive#25368
PR-URL: #5987
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
@nodejs-github-bot nodejs-github-bot added the npm Issues and PRs related to the npm client dependency or the npm registry. label May 6, 2016
Notable changes:

* npm: Correct erroneous version number in v2.15.1 code
  (Forrest L Norvell) #5987
* openssl: Upgrade to v1.0.1t, addressing security vulnerabilities
  (Shigeki Ohtsu) #6553
  - Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
  - Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
  - See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ for
    full details
@mscdex mscdex added meta Issues and PRs related to the general management of the project. v0.10 and removed npm Issues and PRs related to the npm client dependency or the npm registry. labels May 6, 2016
@rvagg rvagg merged commit 1b2bc79 into v0.10 May 6, 2016
@rvagg rvagg deleted the v0.10.45-proposal branch May 6, 2016 13:21
@rvagg
Copy link
Member Author

rvagg commented May 6, 2016

tagged and released

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
meta Issues and PRs related to the general management of the project.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants