Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: v0.8.8-release
Commits on Aug 22, 2012
  1. @isaacs

    2012.08.22, Version 0.8.8 (Stable)

    isaacs authored
    * V8: upgrade to 3.11.10.19
    
    * npm: upgrade to 1.1.59
    
    * windows: fix uninitialized memory access in uv_update_time() (Bert Belder)
    
    * unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
    
    * unix: fix integer overflow in uv_hrtime (Tim Holy)
    
    * sunos: fix uv_cpu_info() on x86_64 (Ben Noordhuis)
    
    * tls: update default cipher list (Ben Noordhuis)
    
    * unix: Fix llvm and older gcc duplicate symbol warnings (Bert Belder)
    
    * fs: fix use after free in stat watcher (Ben Noordhuis)
    
    * build: Fix using manually compiled gcc on OS X (Nathan Rajlich)
    
    * windows: make junctions work again (Bert Belder)
  2. @isaacs

    npm: Upgrade to 1.1.59

    isaacs authored
  3. @isaacs

    lint

    isaacs authored
  4. @ronkorving @bnoordhuis

    doc: fix typo in cluster example code

    ronkorving authored bnoordhuis committed
  5. @isaacs

    npm: Upgrade to 1.1.57

    isaacs authored
Commits on Aug 21, 2012
  1. @isaacs

    npm: Upgrade to 1.1.56

    isaacs authored
  2. @isaacs

    npm: Upgrade to 1.1.55

    isaacs authored
  3. @bnoordhuis

    tls: update default cipher list

    bnoordhuis authored
    Update the default cipher list from RC4-SHA:AES128-SHA:AES256-SHA
    to ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
    in order to mitigate BEAST attacks.
    
    The documentation suggested AES256-SHA but unfortunately that's a CBC cipher
    and therefore susceptible to attacks.
    
    Fixes #3900.
  4. @bnoordhuis
  5. @piscisaureus
  6. @piscisaureus
Commits on Aug 20, 2012
  1. @piscisaureus

    unix: don't explicitly instantiate v8::Persistent<x> templates

    piscisaureus authored piscisaureus committed
    These explicit instantiations were added to make MSVC happy. It turns
    out that some older versions of gcc and llvm now complain about duplicate
    symbols, so we instantiate these templates only when MSVC is used.
  2. @bnoordhuis

    fs: fix use after free in stat watcher

    bnoordhuis authored
    The uv_fs_poll_t handle was stopped but not closed, leaving libuv's internal
    handle queue in a corrupted state.
  3. @bnoordhuis
  4. @TooTallNate

    build: don't use "-Wnewline-eof" on OS X

    TooTallNate authored
    This is the only thing preventing a manually compiled version of GCC
    (rather than Apple's provided llvm-gcc or heavily modified gcc 4.2)
    from working properly, so we might as well enable support for that.
    
    With this patch I was able to compile node using a manually compiled
    gcc 4.7.1.
    
    Closes #3887.
Commits on Aug 17, 2012
  1. @piscisaureus
Commits on Aug 16, 2012
  1. @piscisaureus
  2. @piscisaureus
  3. @isaacs

    website: Improved install button behavior

    isaacs authored
    Just install whatever's best for the OS.
    
    Detect host os and architecture from the navigator properties.  If we
    can't make a good guess, then they get the tarball, and of course
    everything we have is on the full download page.
  4. @isaacs

    v8: Reapply floating patches

    isaacs authored
  5. @isaacs

    v8: Upgrade to 3.11.10.18

    isaacs authored
  6. @isaacs
  7. @TooTallNate
  8. @isaacs
  9. @isaacs

    Now working on 0.8.8

    isaacs authored
  10. @isaacs
  11. @isaacs

    blog: release 0.8.7

    isaacs authored
Commits on Aug 15, 2012
  1. @isaacs

    2012.08.15, Version 0.8.7 (Stable)

    isaacs authored
    * npm: Upgrade to 1.1.49
    
    * website: download page (Golo Roden)
    
    * crypto: fix uninitialized memory access in openssl (Ben Noordhuis)
    
    * buffer, crypto: fix buffer decoding (Ben Noordhuis)
    
    * build: compile with -fno-tree-vrp when gcc >= 4.0 (Ben Noordhuis)
    
    * tls: handle multiple CN fields when verifying cert (Ben Noordhuis)
    
    * doc: remove unused util from child_process (Kyle Robinson Young)
    
    * build: rework -fvisibility=hidden detection (Ben Noordhuis)
    
    * windows: don't duplicate invalid stdio handles (Bert Belder)
    
    * windows: fix typos in process-stdio.c (Bert Belder)
  2. @isaacs

    website: Sharpen and clean up download page more

    isaacs authored
    Retinaify the images!
  3. @isaacs
  4. @isaacs

    website: Use table for download page

    isaacs authored
    Paragraphs of text are too wordy.
    
    Use big pretty images and clickable blocky links.
  5. @goloroden @isaacs

    website: download page

    goloroden authored isaacs committed
    - Improved styling of download links.
    - index.html#download now redirects to /download/
    - Added missing hyphens, and added the missing "and 64-bit" for the Mac
      Installer.
  6. @isaacs

    npm: Upgrade to 1.1.49

    isaacs authored
    - node-gyp@0.6.5
    - abstracted-out configs
    - publishing over proxies
    - bugfixes to all the deps
  7. @bnoordhuis

    crypto: fix uninitialized memory access in openssl

    bnoordhuis authored
    ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but forgot to
    initialize the `length` field.
    
    Fixes the following valgrind error:
    
      $ valgrind -q --track-origins=yes --num-callers=19 \
          out/Debug/node test/simple/test-tls-client-abort.js
      ==2690== Conditional jump or move depends on uninitialised value(s)
      ==2690==    at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
      ==2690==    by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
      ==2690==    by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
      ==2690==    by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
      ==2690==    by 0x78F090: asn1_string_canon (x_name.c:409)
      ==2690==    by 0x78EF17: x509_name_canon (x_name.c:354)
      ==2690==    by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
      ==2690==    by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
      ==2690==    by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
      ==2690==    by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
      ==2690==    by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
      ==2690==    by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
      ==2690==    by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
      ==2690==    by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
      ==2690==    by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
      ==2690==    by 0x78F5E4: d2i_X509 (x_x509.c:141)
      ==2690==    by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
      ==2690==    by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
      ==2690==    by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
      ==2690==  Uninitialised value was created by a stack allocation
      ==2690==    at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
Commits on Aug 14, 2012
  1. @bnoordhuis

    test: raise pummel/test-net-throttle write req size

    bnoordhuis authored
    pummel/test-net-throttle assumes that a couple of big write requests result in
    some of them getting queued because the kernel's send buffer fills up.
    
    Said assumption breaks on systems with large send buffers. Raise the size of
    the write request to ameliorate the issue.
    
    This is a back-port of commit 6770555 from the master branch.
Something went wrong with that request. Please try again.