v15.14.0 proposal by MylesBorins · Pull Request #38084 · nodejs/node
and others added 24 commits
April 4, 2021 15:22
Original commit message: fix "the the" typo in README.md file Refs: nodejs/cjs-module-lexer@22093e7 PR-URL: #37895 Reviewed-By: Pooja D P <Pooja.D.P@ibm.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Harshitha K P <harshitha014@gmail.com>
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1k+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ cd openssl && rm -rf .gitattributes .github/ .gitmodules .travis-apt-pin.preferences .travis-create-release.sh
$ cd ..
$ git add --all openssl
$ git commit openssl
PR-URL: #37916
Fixes: #37913
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: #37916
Fixes: #37913
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
- Add a paragraph about case-insensitivity of encoding options. - Document "utf-8", "utf-16le" and "ucs-2" aliases. - Always use "utf8" in documentation for defaults and examples. PR-URL: #37945 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Exporting a variable that will be mutated later doesn't work. Refs: #37937 PR-URL: #37966 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: #37893 Reviewed-By: Pooja D P <Pooja.D.P@ibm.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
PR-URL: #37992 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
PR-URL: #37949 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
As suggested in #37849 (comment) improve the error presented when encountering a large number of invalid frames by giving this situation a specific error code (which we should have had from the beginning). PR-URL: #37936 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
This was missed in the original PR. Refs: #34912 PR-URL: #37965 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Add documentation for net.connect AbortSignal, and add the support to tls.connect as well PR-URL: #37735 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Add abort signal support to Interface PR-URL: #37932 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
fix pre-aborted question handling PR-URL: #37929 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Change the wording to make the language more Inclusive. PR-URL: #37903 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Pooja D P <Pooja.D.P@ibm.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Change the wording to make the language more Inclusive. PR-URL: #37933 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
PR-URL: #37950 Reviewed-By: Pooja D P <Pooja.D.P@ibm.com> Reviewed-By: Harshitha K P <harshitha014@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #37917 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #37917 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #37917 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
The last als.run() will reactivate the als, hence the test should test for getting the object, not undefined PR-URL: #38008 Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
nodejs-github-bot
added
doc
v15.x labels
Apr 4, 2021
MylesBorins
changed the title
V15.14.0 proposal
v15.14.0 proposal
PR-URL: #38024 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
PR-URL: #38011 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
MylesBorins added a commit that referenced this pull request
Apr 5, 2021
Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins added a commit that referenced this pull request
Apr 6, 2021
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins added a commit that referenced this pull request
Apr 6, 2021
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters