Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#51418 closed update (duplicate)

nodejs @4.4.3, nodejs-devel @5.11.0: update to 4.4.4/6.1.0 - security advisory

Reported by: macports@… Owned by: macports-tickets@…
Priority: Normal Milestone:
Component: ports Version:
Keywords: Cc:
Port: nodejs nodejs-devel

Description

nodejs port currently at 4.4.3. nodejs-devel port currently at 5.11.0.

There is a security advisory for SSL against these versions. Fixed in 4.4.4 and 6.1.0.

Thanks.

Change History (2)

comment:1 Changed 8 years ago by ci42

Resolution: duplicate
Status: newclosed

nodejs/nodejs-devel don't link against the bundled openSSL but the openSSL port from MacPorts. Make sure you have the latest version of the openSSL port installed:

$ sudo port selfupdate
$ sudo port upgrade openssl

Regarding the updates, closing as duplciate of #51333.

In the future please Cc the port maintainer(s) (port info --maintainer nodejs, port info --maintainer nodejs-devel).

comment:2 Changed 8 years ago by macports@…

Fair point on the SSL; I'd still appreciate an update for nodejs-devel to get the new features/performance improvements in v6, including shared c-ares library fix.

Sorry about missing the CC. I realised after submitting the ticket, but couldn't see a way to add it.

Thanks.

Note: See TracTickets for help on using tickets.