From patchwork Thu Jul 13 21:26:31 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Korsgaard
X-Patchwork-Id: 787994
From: Peter Korsgaard
To: buildroot@buildroot.org
Date: Thu, 13 Jul 2017 23:26:31 +0200
Message-Id: <20170713212631.22939-1-peter@korsgaard.com>
X-Mailer: git-send-email 2.11.0
Subject: [Buildroot] [PATCH-2017.02.x] nodejs: security bump to version 6.11.1

Fixes CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. This patch checks that there is enough data for the required elements of an NAPTR record (2 int16, 3 bytes for string lengths) before processing a record.

Signed-off-by: Peter Korsgaard
---
 .../{6.11.0 => 6.11.1}/0001-gyp-force-link-command-to-use-CXX.patch | 0
 .../0002-inspector-don-t-build-when-ssl-support-is-disabled.patch | 0
 .../0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch | 0
 package/nodejs/Config.in | 2 +-
 package/nodejs/nodejs.hash | 4 ++--
 5 files changed, 3 insertions(+), 3 deletions(-)
 rename package/nodejs/{6.11.0 => 6.11.1}/0001-gyp-force-link-command-to-use-CXX.patch (100%)
 rename package/nodejs/{6.11.0 => 6.11.1}/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch (100%)
 rename package/nodejs/{6.11.0 => 6.11.1}/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch (100%)

diff --git a/package/nodejs/6.11.0/0001-gyp-force-link-command-to-use-CXX.patch b/package/nodejs/6.11.1/0001-gyp-force-link-command-to-use-CXX.patch similarity index 100% rename from package/nodejs/6.11.0/0001-gyp-force-link-command-to-use-CXX.patch rename to package/nodejs/6.11.1/0001-gyp-force-link-command-to-use-CXX.patch
diff --git a/package/nodejs/6.11.0/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch b/package/nodejs/6.11.1/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch similarity index 100% rename from package/nodejs/6.11.0/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch rename to package/nodejs/6.11.1/0002-inspector-don-t-build-when-ssl-support-is-disabled.patch diff --git a/package/nodejs/6.11.0/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch b/package/nodejs/6.11.1/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch similarity index 100% rename from package/nodejs/6.11.0/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch rename to package/nodejs/6.11.1/0003-src-add-HAVE_OPENSSL-directive-to-openssl_config.patch diff --git a/package/nodejs/Config.in b/package/nodejs/Config.in index be20af56d6..31dcfb67d9 100644 --- a/package/nodejs/Config.in +++ b/package/nodejs/Config.in @@ -43,7 +43,7 @@ config BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS config BR2_PACKAGE_NODEJS_VERSION_STRING string - default "6.11.0" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS + default "6.11.1" if BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS default "0.10.48" config BR2_PACKAGE_NODEJS_NPM diff --git a/package/nodejs/nodejs.hash b/package/nodejs/nodejs.hash index ac010ab6d6..2dbbdc7cc2 100644 --- a/package/nodejs/nodejs.hash +++ b/package/nodejs/nodejs.hash @@ -1,5 +1,5 @@ # From upstream URL: http://nodejs.org/dist/v0.10.48/SHASUMS256.txt sha256 365a93d9acc076a0d93f087d269f376abeebccad599a9dab72f2f6ed96c8ae6e node-v0.10.48.tar.xz -# From upstream URL: http://nodejs.org/dist/v6.11.0/SHASUMS256.txt -sha256 02ba35391edea2b294c736489af01954ce6e6c39d318f4423ae6617c69ef0a51 node-v6.11.0.tar.xz +# From upstream URL: http://nodejs.org/dist/v6.11.1/SHASUMS256.txt +sha256 6f6655b85919aa54cb045a6d69a226849802fcc26491d0db4ce59873e41cc2b8 node-v6.11.1.tar.xz
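Review bot: In the package/nodejs/Config.in hunk only the BR2_PACKAGE_NODEJS_V8_ARCH_SUPPORTS default moves to "6.11.1"; the `default "0.10.48"` fallback on the next line is untouched, so targets that take that branch get nothing from this security bump. The commit message should say whether 0.10.48 is affected by CVE-2017-1000381 and, if it is, how those targets are meant to be covered.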
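Review bot: The new provenance comment in the package/nodejs/nodejs.hash hunk still points at http://nodejs.org/dist/v6.11.1/SHASUMS256.txt, so the sha256 that pins node-v6.11.1.tar.xz is documented as coming from a checksum list fetched over plain HTTP. Switch the comment to the https:// URL and say in the commit message how the list was authenticated before the value was copied; the unchanged v0.10.48 comment above it has the same http:// problem and could be fixed in the same pass.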
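The up-front length check the commit message describes (2 int16 plus 3 length bytes), as an added C example that is not c-ares, Node.js or Buildroot code. It goes one step further and bounds-checks each string against the end of the record; `parse_naptr_rdata`, `struct naptr_fixed` and the sample records are hypothetical names and constructed data, with the field layout taken from RFC 3403.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* NAPTR RDATA (RFC 3403) starts with ORDER and PREFERENCE (2 x int16) and
 * one length byte each for FLAGS, SERVICES and REGEXP: 7 bytes minimum. */
#define NAPTR_MIN_RDLEN 7

struct naptr_fixed {               /* hypothetical result type */
    uint16_t order, preference;
    char flags[256], service[256], regexp[256];
    size_t replacement_off;        /* offset of REPLACEMENT name in rdata */
};

/* Copy one DNS character-string (length byte + data); NULL if truncated. */
static const uint8_t *read_cstr(const uint8_t *p, const uint8_t *end, char out[256])
{
    if (p >= end) return NULL;                  /* no length byte left */
    size_t n = *p++;
    if ((size_t)(end - p) < n) return NULL;     /* claimed length overruns rdata */
    memcpy(out, p, n);
    out[n] = '\0';
    return p + n;
}

/* Returns 0 on success, -1 if the record is too short or malformed. */
int parse_naptr_rdata(const uint8_t *rdata, size_t rdlen, struct naptr_fixed *out)
{
    if (!rdata || !out || rdlen < NAPTR_MIN_RDLEN) return -1;  /* up-front check */
    const uint8_t *p = rdata + 4, *end = rdata + rdlen;
    out->order = (uint16_t)((rdata[0] << 8) | rdata[1]);
    out->preference = (uint16_t)((rdata[2] << 8) | rdata[3]);
    if (!(p = read_cstr(p, end, out->flags))) return -1;
    if (!(p = read_cstr(p, end, out->service))) return -1;
    if (!(p = read_cstr(p, end, out->regexp))) return -1;
    if (p >= end) return -1;                    /* REPLACEMENT name must follow */
    out->replacement_off = (size_t)(p - rdata);
    return 0;
}

/* Constructed samples, not captured traffic. */
static const uint8_t SAMPLE_OK[] = { 0,10, 0,20, 1,'U', 7,'E','2','U','+','s','i','p', 0, 0 };
static const uint8_t SAMPLE_SHORT[] = { 0,10, 0,20, 1 };            /* 5 bytes */
static const uint8_t SAMPLE_LYING[] = { 0,1, 0,1, 200,'U', 0, 0 };  /* flags len 200 */

int main(void)
{
    struct naptr_fixed r;
    return parse_naptr_rdata(SAMPLE_OK, sizeof SAMPLE_OK, &r);
}
```

`SAMPLE_LYING` passes the 7-byte minimum but is still rejected, because its FLAGS length byte claims more data than the record holds.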