deps: update llhttp to 2.0.1 by indutny · Pull Request #30553 · nodejs/node
added
http
labels
Nov 20, 2019
indutny
changed the title
deps: update llhtp to 2.0
deps: update llhttp to 2.0
mscdex
changed the title
deps: update llhttp to 2.0
deps: update llhttp to 2.0.1
BethGriggs added a commit that referenced this pull request
Dec 9, 2019
Notable changes: - crypto: fix key requirements in asymmetric cipher (Tobias Nießen) #30249 - deps: - update llhttp to 2.0.1 (Fedor Indutny) #30553 - upgrade npm to 6.13.1 (claudiahdz) #30533 - update nghttp2 to 1.40.0 (gengjiawen) #30493 - v8: mark serdes API as stable (Anna Henningsen) #30234 PR-URL: #30865
sam-github added a commit that referenced this pull request
Dec 9, 2019
Allow insecure HTTP header parsing. Make clear it is insecure. See: - #30553 - #27711 (comment) - #30515 PR-URL: #30567 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request
Dec 10, 2019
Allow insecure HTTP header parsing. Make clear it is insecure. See: - #30553 - #27711 (comment) - #30515 PR-URL: #30567 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Dec 17, 2019
Changelog: * Optional SSE4.2 support (at compile time) * Lenient mode of operation PR-URL: #30553 Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: David Carlier <devnexen@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
BethGriggs added a commit that referenced this pull request
Dec 23, 2019BethGriggs added a commit that referenced this pull request
Dec 27, 2019BethGriggs added a commit that referenced this pull request
Dec 31, 2019BethGriggs added a commit that referenced this pull request
Jan 7, 2020sam-github added a commit to sam-github/node that referenced this pull request
Jan 10, 2020
Allow insecure HTTP header parsing. Make clear it is insecure. See: - nodejs#30553 - nodejs#27711 (comment) - nodejs#30515 PR-URL: nodejs#30567 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
sam-github added a commit to sam-github/node that referenced this pull request
Jan 10, 2020
Allow insecure HTTP header parsing. Make clear it is insecure. See: - nodejs#30553 - nodejs#27711 (comment) - nodejs#30515 PR-URL: nodejs#30567 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request
Jan 14, 2020
Allow insecure HTTP header parsing. Make clear it is insecure. See: - #30553 - #27711 (comment) - #30515 PR-URL: #30567 Backport-PR-URL: #30473 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
BaochengSu added a commit to BaochengSu/node that referenced this pull request
Oct 21, 2020
Ported from OpenSUSE:nodejs8-8.17.0-lp152.147.1:CVE-2019-15605.patch Original commit message: commit e2c8f89 Author: Sam Roberts <vieuxtech@gmail.com> Date: Thu Jan 16 11:55:52 2020 -0800 test: using TE to smuggle reqs is not possible See: https://hackerone.com/reports/735748 PR-URL: https://github.com/nodejs-private/node-private/pull/192 Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> commit 49f4220 Author: Sam Roberts <vieuxtech@gmail.com> Date: Tue Feb 4 10:36:57 2020 -0800 deps: upgrade http-parser to v2.9.3 PR-URL: https://github.com/nodejs-private/http-parser-private/pull/4 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> commit d616722 Author: Sam Roberts <vieuxtech@gmail.com> Date: Tue Jan 7 14:24:54 2020 -0800 test: check that --insecure-http-parser works Test that using --insecure-http-parser will disable validation of invalid characters in HTTP headers. See: - nodejs#30567 Backport-PR-URL: nodejs#30471 PR-URL: nodejs#31253 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> commit a9849c0 Author: Sam Roberts <vieuxtech@gmail.com> Date: Wed Nov 20 11:48:58 2019 -0800 http: opt-in insecure HTTP header parsing Allow insecure HTTP header parsing. Make clear it is insecure. See: - nodejs#30553 - nodejs#27711 (comment) - nodejs#30515 Backport-PR-URL: nodejs#30471 PR-URL: nodejs#30567 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> commit a28e5cc Author: Sam Roberts <vieuxtech@gmail.com> Date: Wed Nov 13 10:05:38 2019 -0800 deps: upgrade http-parser to v2.9.1 PR-URL: nodejs#30471 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters