Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

V6.10.2 proposal #12128

Merged
merged 8 commits into from
Apr 4, 2017
Merged

V6.10.2 proposal #12128

merged 8 commits into from
Apr 4, 2017

Conversation

MylesBorins
Copy link
Contributor

2017-04-04, Version 6.10.2 'Boron' (LTS), @MylesBorins

This is a special LTS to fix a number of regressions that were found on the 6.10.x release line.

This includes:

  • a fix for memory leak in the crypto module that was introduced in 6.10.1
  • a fix for a regression introduced to the windows repl in 6.10.0
  • a backported fix for V8 to stop a segfault that could occur when using spread syntax

It also includes an upgrade to zlib 1.2.11 to fix a number of low severity CVEs
that were present in zlib 1.2.8.

Notable changes

  • crypto:
    • fix memory leak if certificate is revoked (Tom Atkinson) #12089
  • deps:
    • upgrade zlib to 1.2.11 (Sam Roberts) #10980
    • backport V8 fixes for spread syntax regression causing segfaults (Michaël Zasso) #12037
  • repl:
    • Revert commit that broke REPL display on Windows (Myles Borins) #12123

Commits

  • [5f644d2f6f] - crypto: fix memory leak if certificate is revoked (Tom Atkinson) #12089
  • [912f78a566] - deps: fix CLEAR_HASH macro to be usable as a single statement (Sam Roberts) #11616
  • [abe9132011] - deps: upgrade zlib to 1.2.11 (Sam Roberts) #10980
  • [1ff512c185] - deps: backport e427300 from upstream V8 (Michaël Zasso) #12037
  • [8dfc710a06] - deps: cherry-pick b9f682b from upstream V8 (Michaël Zasso) #12037
  • [52bdb8f246] - deps: backport 2cabc86 from upstream V8 (Michaël Zasso) #12037
  • [64fc5a4541] - repl Revert: "Revert "repl: disable Ctrl+C support..." (Myles Borins) #12123

targos and others added 7 commits March 29, 2017 16:30
Original commit message:

    Fix classifier related bug

    R=adamk@chromium.org
    BUG=chromium:621111
    LOG=N

    Review-Url: https://codereview.chromium.org/2086513002
    Cr-Commit-Position: refs/heads/master@{#37150}

Fixes: #11977

PR-URL: #12037
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Original commit message:

    Fix bug with illegal spread as single arrow parameter

    R=adamk@chromium.org
    BUG=chromium:621496
    LOG=N

    Review-Url: https://codereview.chromium.org/2084703005
    Cr-Commit-Position: refs/heads/master@{#37196}

Fixes: #12017

PR-URL: #12037
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Original commit message:

    Properly handle holes following spreads in array literals

    Before this change, the spread desugaring would naively call
    `%AppendElement($R, the_hole)` and in some cases $R would have
    a non-holey elements kind, putting the array into the bad state
    of exposing holes to author code.

    This patch avoids calling %AppendElement with a hole, instead
    simply incrementing $R.length when it sees a hole in the literal
    (this is safe because $R is known to be an Array). The existing
    logic for elements transitions takes care of giving the array a
    holey ElementsKind.

    BUG=chromium:644215

    Review-Url: https://codereview.chromium.org/2321533003
    Cr-Commit-Position: refs/heads/master@{#39294}

Fixes: #12018

PR-URL: #12037
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
The additional validity checks applied to StartCom and WoSign
certificates failed to free memory before returning.

Refs: #9469
Fixes: #12033
PR-URL: #12089
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: #10980
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Apply unreleased (as of zlib v1.2.11) patch from upstream:
- madler/zlib@38e8ce3

Original commit message:
  Fix CLEAR_HASH macro to be usable as a single statement.

  As it is used in deflateParams().

PR-URL: #11616
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Full original message:

  Revert "repl: disable Ctrl+C support on win32 for now"

The original fix was a stop gap until a libuv update landed.
As the libuv update has not yet landed on v6.x the revert should
not have landed. This commit reverts 1d400ea reapplying the
stopgap fix until we update libuv.

Fixes: #12085
Refs: #8645

PR-URL: #12123
Reviewed-By: Anna Henningsen <anna@addaleax.net>
@nodejs-github-bot nodejs-github-bot added meta Issues and PRs related to the general management of the project. v6.x v8 engine Issues and PRs related to the V8 dependency. zlib Issues and PRs related to the zlib subsystem. labels Mar 29, 2017
@MylesBorins MylesBorins force-pushed the v6.10.2-proposal branch 2 times, most recently from 0ff565d to be03658 Compare March 29, 2017 21:08
@MylesBorins
Copy link
Contributor Author

MylesBorins commented Mar 29, 2017

CI: https://ci.nodejs.org/job/node-test-pull-request/7094/
CITGM: https://ci.nodejs.org/view/Node.js-citgm/job/citgm-smoker/678/

rc: https://nodejs.org/download/rc/v6.10.2-rc.1/

edit:

CI failure is with clang341 and expected
CITGM failures are expected (lodash timeout on OSX && readable-stream failure on ubuntu1604

@mscdex mscdex removed v8 engine Issues and PRs related to the V8 dependency. zlib Issues and PRs related to the zlib subsystem. labels Mar 29, 2017
This is a special LTS to fix a number of regressions that were found
on the 6.10.x release line.

This includes:

 * a fix for memory leak in the crypto module that
   was introduced in 6.10.1
 * a fix for a regression introduced to the windows repl in 6.10.0
 * a backported fix for V8 to stop a segfault that could occur
   when using spread syntax

It also includes an upgrade to zlib 1.2.11 to fix a numberof low
severity CVEs that were present in zlib 1.2.8.

http://seclists.org/oss-sec/2016/q4/602

Notable changes

* crypto:
  - fix memory leak if certificate is revoked (Tom Atkinson)
    #12089
* deps:
  - upgrade zlib to 1.2.11 (Sam Roberts)
    #10980
  - backport V8 fixes for spread syntax regression causing segfaults
    (Michaël Zasso) #12037
* repl:
  - Revert commit that broke REPL display on Windows (Myles Borins)
    #12123
@MylesBorins MylesBorins merged commit fbc9fde into v6.x Apr 4, 2017
MylesBorins added a commit that referenced this pull request Apr 4, 2017
@gibfahn gibfahn deleted the v6.10.2-proposal branch April 4, 2017 13:14
andrew749 pushed a commit to michielbaird/node that referenced this pull request Jul 19, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
meta Issues and PRs related to the general management of the project.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants