nodejs10-docs-10.24.1-lp152.2.18.1<>,栉a21ɸ/=„!Ze?㖓#uLăvQ3-/y*@ͽVV/E}=c_|"$ޒBK"E2Y.]皃'[^=/3J^'O~5콏q1pw:=O'%M'K׼aKucHX`Tohr~0}U0;9hcK"Tٹm"!.,•d&BjJB~нThlgE'Y;N ~Տ>;ۈ?xd % ?| x   p 0 03,6G9b9<<<$<(<8<W9>W:FWF.G@HǼI8XY\]p^ԗb4cdoetfwlyu֌vz(,2tCnodejs10-docs10.24.1lp152.2.18.1Node.js API documentationThe API documentation for the Node.js JavaScript runtime.a21lamb60^openSUSE Leap 15.2openSUSEMIThttp://bugs.opensuse.orgDocumentation/Otherhttps://nodejs.orglinuxnoarchӕ29  ;"9fV=]Po^z[|<]'@tMo=$ JpVcUBI0=7mW^<bGD,OK7WMb#=@;nKW>~D"m/}-$6HG/S;]+VhgXu ڋ˚l76Cf/-4 ;h"j4Dp0YG MR^2y ( [{O"YC2-7SEkn0,B}0$:6+}B/p|/AA큤A큤a21a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+a2-+75cf7839d1e4566d1f3f0a87c3d489bc8a6c4a96f0a296ad7d0daa9a39b48fd7710c1d72c34a09bf89047e2b4f6b6045711263bec37a989c217dbe72fc167ad9cb4e841e088afb0ea968a76258b52de66e7159a627e6fc6e9dbe949c9484395a654f368d240e8299b3ea7c3b81f0eda18ea294407dbc3148c4372f06291555191f7caae55aee9934e92dcd57b4a901dbe19603cf0f8e7220dacf90b819106a1bcbefde4330ba482e7821181dbd81b7de78e2a7e7a935ca3cc3014955218c415c81161d1cd2437736ddb1d7f917c6822092c4f0562917ea2498e190a04e941d5aee827a73608b1cd1c6624f08acf54734c534d659816aeb720026fa93a7db11ed16dbb08cfd6a54861c2abc0a6df156998f544d088463fda0861c38a1da6803c61cbd504135c101074b1179bff23e0fd009834372024238c3f9aeb747105a650e0affd7423443e49869b9596ffdae9f6aa3efa8a343e2d78303ef47a4f68d4812f2fec5fd04f4d55a449dfbfa3728b92d4850a7ca85e0905eaa4a2ac98ec7c82c0ed4d92cee7e034e3440071ed9ad40af1cdde09e10e0c73ba04d15970d9d95565056308b5040771ad37daf3b397d77fceef1c838230904a3313738cf0cf6dd6cafd1c1252eb02c3c231760755b980dc59b11129a8c6580cc412564ce0e378d00862f72c0fb6faa6783902d9afc38b96b7dd9e89a22f28f57216c38024ad1155f6f8e85591134aa38a7c1b892eab0b96790d6ad20f241723045a18f267bb078590cb99704a0312850c0bd04035734f735c8ae6e603f4a0179a226588f30453e31db53e333238ff91b1f4ea743f31fd82e7852a90bf44bba4543591ad2a4e2de20785c020a5b337d47d931da787608f545dd236bac0675716d5b4541c5bad606e256a47a3a93974491068967fcb685cb1df160980857c47013c13ced9d71a779e535c1e571a7ade0bd7d02b0609be52a44c2653d24ec4f0841122eee550d6aca3af8b329f08fae60176eea37c77ebd2a195ad7e82e7c5f515a104ae49d1972d6d923cf3698f391e4ebbda562910e5981b75d40a92b174c710cb7110d38433d2c96cfc6d29e8c67156dc4735203da6e43da3f14b8ffdebd6ecc11d960e695167987a362f1c789d5b75fb98427d2caab73950c19a5b4331877b9b5760ec07777a7c2481432e5eecbc3f4d5db9486375f4c1f9e85714a2f3d835dd6f917dfd12e35d3f0bb50ba81d2d77a5c34f3f252276a197a996fd024d2d31f02be1e4e756cd3f9c7938164337f6fe749b8663ff1186fb07d9fa283eb2ca08a30fa18a11d273273b151ecf5ab5f2829714237cf9afeafbbdb41060242053efb1ffd53cd2e19caa4d84e6f278f25edff0df6cd5fb5764f6c7fe2b1db2832ec964b9fb1a211a26cd2c53ceb7ee9f0c99b0921b99e18fa5128a47ca200a2571167ae74102ff4d6ffe6e274d919919cca180fc78414c4c2fa6e7a791fb90570b2e7cfc703c8cd847c6da2c17a15e31040864d9e4a9fd60c5f5c902538d614858a65f8f4c9cc3fbe2ccf09946ab0b06b473468dbd06b2d94ffc0a5f9b536bba3da1c9ddb9fe295bdf0af6a94c2f6972ace41992b8d0518fcd5ea8a0bbad726a3c0cd1d8918c5f67d37808ed3c6af2eb6ea6a0a3167ff74dcaf4bbfaf12309c2cb14d6e1b4790a3dc9f0c541c1436304e3c5e9407341f6adc582c59e014c0fa3377c4645e7fae5b05ee8aca172cdd344c7a1a2641b3af5e509686b717f35076a4d86d74c2d0ed077fc0233027b577d2b584910e65cb15e02bada1100f7451046592bb9675555d35b8c853bd180c5f093aba1b3a5134fe9e4b76ea95efeb9aa6d0326606024fed6c4ab32f192eaa1f6f6b9b90f8bb8bf6d72a8f6f8ab2cc3f5bbbfd76f38d885820ed60c9d1f93ce52871ce1f0516f51a1e3b77756c9f55f91b98e2eed4cdef7f862e71542ae5c4581bb02e5238c60af81163de742c9029427414180f8ada46c07f14351abf83fbf11e88e85775389663f25afa86c691f962f051a373bf23f1304b006ea3e9bba57ee2d36dee1db4b810dac92427e125eeacf4aeeb4cb23536a7df9e4d7df952c6b29d617cb528c1be5469f8c43a3950ab402f5cc57307bcfa447fd56e3eaeb8e5d1138de94a5974189ffa1a87222768db67f835e791f837863a16960ab55211779721ac2941ff0b1d3da4778cb9e9aca921830a73b03fd7972103b845ac56c53013c9b6150d0e86f0c32e8cb023b1fa23f3388f74b295ad879e539f56e3474fb18580a1799d387a3dc347c46a55e70dea83ddf11e7c94403be49021cbb0933c3a5b4b879e4d7656c2a8c8851968030ade5a613a4bc7b8f7f272d93ed63c776ed52420e56c0256a5d857a6fc4dcbc2be48516baae9513bc047b75c6795ad1a7a7305946d4a1b133bdef7d68f4f0b5a97f044bec32e94ccf9b11b1d4ee4f23c0331d774cac3dd8d27fc1badbf4015292abcde1f14a66f14dbfa07529bd04ccf1d07015c94f4aa71cbd6906a01e3779c45d5af5fd432b9ec66c82530d712d7795814b0c56ca1a9de238cebf9bef9e583f6ef4c36614ad9288d1350b838c0a19741b404a8a6b9b8ddbcdd5d5c2db6637b40f547e3485a93272b03814ec3598c71f5bf72d6519014ba847719b715d3637a937964b7a340e3262059e9766c7804efe76e3b6f406808dd2e12bd7ef618385de192cf442dc6fc8baf6be30773c8d6d2eb37f3b38a84c93a2ba2cbb71b282a07ca00538db2be44de0ae280f5f2c6adf29fb7ac907ade0a31d07d5fbed3dd66fd71af86b14e6a6e8002af897300405c1a1f82dff523d41baf14e98638c0f2e1b1acedb5391fc62e36e225865451f589b3b1520f40a08b8571706e0d7cd7132043af8d703a04d427751472d91d73da059e2917e0a065428969603221fe31c5ffeee739d361218c09ed92045a14d275f921f03b922935f0325300adc64b2054048fd2e59ed60ce415d2b8c818976fa499d01d6b4de87407dce3f6683178d527e6b1f5d3672da264bb3578c274db7d5e8517938990be1be2488a71ca65e793430fee5e710053b161c2c1345e704383601a01da8bc38b166d621becd41f5eb1eb90b9ddbbf125c6e931ef5743079e08a518ef65fbf73f19ede522150d44641d2ae951bbefe3eec96c16da6280ed4a0d105eaafaeb8809505828ad8ef698bad0aec6c5f7e5038c993a5c6dda92072937d9fb45923d6e429a0a9877c0ed11c360456beb91827e2d1477d600f6daadf7c02f8faa5ba21db02aca470f90faa9eaf1a85398158455e5d6dfe9103917693e2cca062ee9bc1ff6f0f9cd9dc9242f6889903015541deddeec86e2f05a1820baf87f827a7f4510d54a547a10f658e61bd282efbf2b48e2dffa8570fe3dc72aee2681490fe984812a24e424d58925c436aa7b396b7751f387ae9a7674e699019533e7391742f53038b12fbcd3c6687b17a9017d13f840a201675704c90e9c0a99ada348a44387b631ba8e1905d7dc5fbe2b70a241a4f7218ba6339f27c71d189e369366621d79f1f5e95b8864679917b6ea1dad2f0b7f1ef1b3d7544a28a2384a316741a30a2bd65a18db23827261f2f109b9ef1a02b236e91c9bc0c8f7fd1cea77e3a5c77a2bd7ff59e9280e97cd08f9ac984ae489b3e0bc5a14eba92478c5c4f695464ee5bbb7ad8394e2a5d56fbe08aaddfbe1cb10f7d9ce984f0b20265291d32b25e76dad1ac600dde24863a5cafc5589bd7039895c7d699b12acfa7198c842500b683319e7650feb8e2eb286a8d79216520b11444405a868a00f074451b20e9125afa6078dccabf0eb6eeae00cbef325b850d7920c6b641e33bf521a6d79e60337400c31fe89236349a1266c56d55828c3473b7d82c073981b88b04bdc8303ebcadb0a98c891283a8bc943f6c9c9e8d2585baac3dad835fd43ddf0f6bd15a1bdb28eee0eff96e093613e3e63c649ffd5c164cb4f1135a37ad20a39693b206d051552e7f39edecc23d66cda2fcfa91f58f8759fa4c553d659a8e8a7a123476d36c176d69174251633113ff739269941a8bed846115db9bd99a1c8ad5ca91873d5028bfe5642a4f8b2f4b2560f7743bb0b94ad2776c61671b046fef795220fc79bead04a80f2d3d551a65da9d9a7c5c5d9f63bbc0845e292f8f599ca08003ea0bf28c6af8735fca828be08626518ea3e2b91b1d6246af46d79af06a93f606ec1694f6c9b319662293d7d1074e52f88a6286bcb01e27d51f0c8a991642b420adc78e8c746bf3e3fd880f2ed1636e0663019a70494163f6a038aa30477e63f3cf82c120a7a172532d41c95b2553ccbc0b072979039098ea992e934f97a92dd75ed84b9d918a44fbf766fc1592bd9ac74bee16116ecfd57b26bb935bc0d867797ba5ecdbf39297c0163a2b29eccae729f3e7a26a7be0d963423b62b1fcdb0d69c2cade28168ad375a96e856e9190de9494d1112e9af179eac66006a79ff0e8f658c3a94462f415094d5cc5bb5baa18d99da02c264653243bec22d94a3b3c176a0b3e33dc3e6929e4a944c4a42253dcfb19b26cba199798db8229c23b951ff15dba7013e1be83a2728d391cec3a25203f11b4672a0d26f8e82b242b813704a31207d3304ab32766dbb0ca6d1e2389bed15561cc5f366f59dbe182f0ae0859dd4acd95bb872e57f4a8256cd03cf0c850a1b1d1fb2b3deaca2465c6ae2aabc15e6bf32b69546853098eeb978efb767511d7fbe9e820521faf5003cefff28b77cbc58569c25ca7b7b498cfb5e8819b4398e68f407d7cc84a36587885bfe5d5bb7a10664be6b29f85f89a02701440ee2d91d40b8bde82df280eeb06d20803eba01421c2dba4e5cd4204a21c4b16e3ef369cae2d197b021c441136d05fd6328ca9e588db44e0b17fc7ac618805423b474523fe0d3387b2e9632022f0ad0406996a608139c766544c45889f2f7fb22a0ca46e77f762e6e027e39b382ec81f5a705bb876a1dd8d4cd022c819c4a92ebb2b920ed5dece3ff63d9663157e7b52704433e894733556be8badfc705487e119ce44f3bfe661460d60d951ff19da527f688cf53ef0626f9a7710916079d0a092ef4c8fc940195b3700cdbab64b7ecc2097e5117da8000dafc7d2afccacb211f2995c5212735d0ba2c8c2f2bf2072c7989c31f0d7da6f79e8c4870085244f84d24b4d27c17f6968ebe1a14adf08d430eaa0c53b0c02d13da03094405fa1830992ac3bf9e85a45cf5f1a57471a3db2c51007ce1e786fab7950d93d83b497b61d9ffec38ebce031f62175f278598afbb2ecc1db472b25d3484fe5a3a4b8aeb8c07d853ae63a096c59cc9623009c4cec4ec2dd15e58680a603e93fdd70fe9cd6ec72b89ae83449e1a7927eec1ca3a150699b2fec57f60d92856d884b96d29211fc084d954ed4b17f27cffef1751aec379c3cf79e6d6172f2eec99e790c40f0d16bd4cc1a20271e8ef947c3aa732ea5bf652a1faa67b9b8130a5b5e6b530773c79de07072c08243c82d7fd3711ba78ee1e8d8b06193bfd569ecb2727fc3b24897e631cbc71a64c397ba99a56c4050afcaff05d080755dd013512981a298c59eb5b3a9ef9631cdca18f0b232bb4c593706658238ae208e26cab75e50e9b27532db20e017bc11f85b947b54ecfd96b59b96db72dd2564d54234d62723dd7131719926fbac273eeea9825948de1600a7dd8184a14eb3f6a65d7448d729dce7b537ea8f51f26bd0bf9a9b1b505a59aec3e0f9b82a984cbf7cd4ad8e0abacf07b9e3e1b336e66f38436ca3ca1e5791914bedd00f6cbde5b250aaad9ef94900f638c7898a0c4aec53cdaa4f47d6819e5adf25bc4599112c6e55d4313a53f1e970af8d6112ace2f9f0bb313c7a49f97b48a97b4a5912dfaffaebc4feff5782ba2c02e1d86af4e6f1facbd0cb603a6d49a9ebec1dc0abde3929777fbadd5fffa5423dc2012443b12e62a308b7362ee8e970b2145afcc52a9960f5083667eb0dce368bcf22dbb13bbb7b24c158dd3c8f594c1ee0db92ddd511e4b1005ff82749197c9d659ca32ca79bcf283b35942eea7db85b72fbf788159c18548b6c5e6369fbc969fb731809adc4aefcde2472ea4e97dd586442a86e3dc63b8616cb3a355b9dc8705ad934f337c990101b6085e71f1f62b326b9678a205862c01575679085dc5be5f815e73593db75e774c08a5b3cdebd3fa4c83a80c1c845cc413ecb19bdef3562dcae6b54cf6077160fa8a11921649baf609243a24c7923d6b5e75c52dbf12ef17e2d577ad9efb3f1b4fd4939a0eb611aecdb9d959983d077ecd3110d351a633b90aa887ab0f30604d32f20bc4b3bc5242c683de10643b2b49846ffd36bc3122fc30826f622431fd31afb993a4d2ca63963252b44d56920c0e8a0fa7cccbe16800961092587942e2b9cca80389d7e5c89a94521e065a86d6c8b9417d169949e0afc73d49d4bc4f64754162da333480e956484adfd15b6bf22430b797035d388c45c11929d1f8744975e85cecf74713b368396631e4d4c244fb85a523e3c6fcbc9197ead70bb15b800da2a1d303706c9d87e335eabd8e623af80f75b90c9b53a59f56c5f09e4062c58ec8c9292da0986099ee39fb7f2f6c8bc72a939ddc06a9d81d255a82bcda80a66346d0f410dd89bf6e82100fe79b702fb430f74dbf7b34f226ada3d181b88ff490e116477b167fec384da7e61942f49b84e843ecf749ec7104b27acd3b49cc8a155148fd6b84362fdd5087c8ef198868d9122ac4efcb4f6c16296b433816623dd9f060383c39317b52b62909a4ea67d56531106b77044eebe66542417e8377b5f36cacee3d48e234ab122b21ffebd23d6efe0ee3ec9ee8788e29c7872d9ab33f7e7a3cfb004721068ecb1f493b5c3d26c67d7cd533dc029c1713cf4028831048d102ecd0cfc27fd615f61a8c47af628c429937334e29c0ded61d2edcee870daed8b1de14c9b42039b1a52ef5b32586c6734532263a4514d667e1efb25cd9148dd4f360fe382ab3ccd5142735aed739ecaedd486e6779bbde277348bd89648a0e6ef53336db3e27cd225ac41efd7c40867c66d899rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnodejs10-10.24.1-lp152.2.18.1.src.rpmnodejs10-docs    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1a^aj@aa @`E``m`F`4@`-@`%@`>_@_@__@__P_d@_?@_16_ @_*@^y^@^^@^\@^=Q@^g@^r^@]f@]N@]d@]@]@]V]B@]>\t@\!\@\C@\@\w@\T4\T4\3?@\ @[@[G[[/[;@[R@[#@[[\[z@[qr[]@[>@[,[!@[d@[@[WZZ3@ZZľ@ZlZZAdam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Callum Farmer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Dirk Mueller Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Guillaume GARDET Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Vítězslav Čížek Adam Majer Adam Majer Adam Majer Adam Majer Adam Majer Guillaume GARDET Adam Majer Adam Majer Adam Majer adam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.dejengelh@inai.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.dero@suse.deadam.majer@suse.deadam.majer@suse.deadam.majer@suse.deqantas94heavy@gmail.comqantas94heavy@gmail.comadam.majer@suse.deadam.majer@suse.deadam.majer@suse.de- CVE-2021-22939.patch: Incomplete validation of rejectUnauthorized parameter (bsc#1189369, CVE-2021-22939)- cares_172.patch: update c-ares to 1.17.2. (bsc#1188881, bsc#1189370, CVE-2021-3672, CVE-2021-22931)- z15-test-skip.patch: skip problematic test on s390x- CVE-2021-22930.patch: http2: fixes use after free on close in stream canceling (bsc#1188917, CVE-2021-22930)- CVE-2021-22918.patch: patch libuv to fix out of bounds read (Medium) (bsc#1187973, CVE-2021-22918) - npm-v6.14.13.tar.gz: update to npm 6.14.13 fixing * fixes ssri Regular Expression Denial of Service and hosted-git-info Regular Expression Denial of Service (bsc#1187976, bsc#1187977, CVE-2021-27290, CVE-2021-23362)- Use libalternatives instead of update-alternatives- New upstream LTS version 10.24.1: * CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High). (bsc#1183851) * CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) (bsc#1183852) * CVE-2020-7774: npm - Update y18n to fix Prototype-Pollution (bsc#1184450) - versioned.patch: refreshed- limit_worker_stdio_memsize.patch: reduce memory footprint of test-worker-stdio (bsc#1183155)- New upstream LTS version 10.24.0: * CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion (bsc#1182619) * CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620) * CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate (bsc#1182333)- relax OpenSSL cipher suite policies for unit tests- New upstream LTS version 10.23.3: * crypto: fix crash when calling digest after piping * deps: reland npm upgrade to 6.14.11 * test: add test that verifies crypto stream pipeline - versioned.patch: refreshed- New upstream LTS version 10.23.2: * deps: upgrade npm to 6.14.11 - versioned.patch: refreshed- New upstream LTS version 10.23.1: * CVE-2020-8265: use-after-free in TLSWrap (High) bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits (bsc#1180553) * CVE-2020-8287: HTTP Request Smuggling allow two copies of a header field in a http request. For example, two Transfer-Encoding header fields. In this case Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling (https://cwe.mitre.org/data/definitions/444.html). (bsc#1180554) * CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. (bsc#1179491) - versioned.patch: refreshed- Add icu68.patch: fix build with ICU 68- openssl_binary_detection.patch: fixes unit tests on SLE12- Update Requires: so -devel requires npm - Rely on rpmbuild to define necessary python dependencies- New upstream LTS version 10.23.0: * deps: upgrade npm to 6.14.8 * n-api: + create N-API version 7 + expose napi_build_version variable - versioned.patch: refreshed- fix_ci_tests.patch: add support to SUSE's ECDH backport errors in SLE's openssl- New upstream LTS version 10.22.1: * fs.realpath.native on may cause buffer overflow (bsc#1176589, CVE-2020-8252) - fix_ci_tests.patch: re-add missing debug symbol removal before running unit tests- Strip debugging symbols prior to running unit tests. Some tests cause too much memory usage when debug symbols are enabled.- Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 (bsc#1172686)- avoid rpmbuild warnings on if/else/endif constructs- New upstream LTS version 10.22.0: * deps: + upgrade npm to 6.14.6 - fixes potential information leak through log files (bsc#1173937, CVE-2020-15095) + upgrade openssl sources to 1.1.1g (SLE-12 only) * n-api: add napi_detach_arraybuffer - versioned.patch: refreshed- Add Require for nodejs10 when intalling npm10 (bsc#1172728)- New upstream LTS version 10.21.0: * napi: fix various types of memory corruption in napi_get_value_string_*() (CVE-2020-8174, bsc#1172443) * http2: fix HTTP/2 Large Settings Frame DoS (CVE-2020-11080, bsc#1172442) * deps: ICU-20958 Prevent SEGV_MAPERR in append (CVE-2020-10531, bsc#1166844)- Reduce Requires to Recommends on nodejs10-devel when installing npm10- New upstream LTS version 10.20.1: * buffer: add {read|write}Big[U]Int64{BE|LE} methods * build: macOS package notarization * deps: + update npm to 6.14.3 (bsc#1166916, CVE-2020-7598) + upgrade openssl sources to 1.1.1e + upgrade to libuv 1.34.2 * n-api: + add napi_get_all_property_names + add APIs for per-instance state management + define release 6 + turn NAPI_CALL_INTO_MODULE into a function * tls: + expose keylog event on TLSSocket + support TLS min/max protocol defaults in CLI * url: handle quasi-WHATWG URLs in urlToOptions() - openssl_rand_regression.patch: upstreamed - versioned.patch: refreshed- openssl_rand_regression.patch: Add getrandom syscall definition for all Linux platforms. This fixes a runtime error in SLE-12 (bnc#1162117)- New upstream LTS version 10.19.0: * fixes a remotely triggerable assertion on a TLS server via a crafted certificate string (CVE-2019-15604, bsc#1163104) * fixes an HTTP request smuggling vulnerability via malformed Transfer-Encoding header (CVE-2019-15605, bsc#1163102) * trim HTTP header values of optional white space (CVE-2019-15606, bsc#1163103) * enabled stricter HTTP header parsing by default.- New upstream LTS version 10.18.1: * http2: fix session memory accounting after pausing * n-api: correct bug in napi_get_last_error * tools: update tzdata to 2019c- Really disable LTO when required (nodejs < 12)- node-gyp-addon-gypi.patch: Fix wrong path in gypi files (bsc#1159812)- New upstream LTS version 10.18.0: * deps: update npm to 6.13.4 fixing an arbitrary path overwrite and access via "bin" field (bsc#1159352, CVE-2019-16777, CVE-2019-16776, CVE-2019-16775) - versioned.patch: refreshed- Increase _constraints to allow all unit tests to execute- skip_no_console.patch: skip tests on build platforms where console is set to a dumb terminal- New upstream LTS version 10.17.0: * crypto: + add support for chacha20-poly1305 for AEAD + increase maxmem range from 32 to 53 bits * deps: + update npm to 6.11.3 + upgrade openssl sources to 1.1.1d * dns: remove dns.promises experimental warning * fs: remove experimental warning for fs.promises * http: makes response.writeHead return the response * http2: makes response.writeHead return the response * n-api: + make func argument of napi_create_threadsafe_function optional + mark version 5 N-APIs as stable + implement date object * process: add --unhandled-rejections flag * stream: + implement Readable.from async iterator utility + make Symbol.asyncIterator support stable - CVE-2019-13173.patch: dropped, no longer in upstream npm - fix_build_with_openssl_1.1.1d.patch: upstreamed - node-gyp-addon-gypi.patch, versioned.patch: refreshed- Fix build with OpenSSL 1.1.1d (bsc#1149792) * https://github.com/nodejs/node/pull/29550 * add fix_build_with_openssl_1.1.1d.patch- Update to 10.16.3: Security update regarding HTTP/2 Denial of Service vulnerabilities For details see, https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.8.1 https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, bsc#1146091, bsc#1146099, bsc#1146094, bsc#1146095, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, bsc#1146100, bsc#1146090, bsc#1146097, bsc#1146093) - Changes in 10.16.2: * fix OpenSSL upgrade to 1.1.1c that causes intermittent hangs in machines that have low entropy.- New upstream LTS version 10.16.1 * deps: upgrade openssl sources to 1.1.1c (for SLE-12 based systems) * stream: do not unconditionally call _read() on resume() * worker: fix nullptr deref after MessagePort deser failure- CVE-2019-13173.patch: fix potential file overwrite via hardlink in fstream.DirWriter() function (bsc#1140290, CVE-2019-13173)- New upstream LTS version 10.16.0 * deps: + upgrade npm to 6.9.0 + upgrade openssl sources to 1.1.1b (for SLE-12 based systems) + upgrade libuv to 1.28.0 (for SLE-12 based systems) + upgrade to libuv 1.28.0 * events: add once method to use promises with EventEmitter * n-api: mark thread-safe function as stable * repl: support top-level for-await-of * zlib: add brotli support - openssl_1_1_1.patch: dropped, no longer needed - fix_ci_tests.patch: drop onion handling in DNS, since this depends on 3rd party library - versioned.patch: refreshed- openssl_1_1_1.patch: backport fixes for OpenSSL 1.1.1 (bsc#1134208) - Require user/group nobody for npm- Add _constraints file to avoid OOM errors- flaky_test_rerun.patch: rework patch to account for tests that end with an exception and are not actually re-run...- New upstream LTS version 10.15.3 * http: fix error check in Execute() * stream: fix end-of-stream for HTTP/2 - fix_ci_tests.patch: refreshed- New upstream LTS version 10.15.2 * http: Further prevention of "Slowloris" attacks on HTTP and HTTPS connections by consistently applying the receive timeout set by server.headersTimeout to connections in keep-alive mode. (CVE-2019-5737, bsc#1127532)- nodejs.keyring: update keyring to today's list as per https://github.com/nodejs/node- New upstream LTS version 10.15.1 * tls: throw if protocol too long - fix_ci_tests.patch: refreshed- New upstream LTS version 10.15.0 (still bsc#1112438, FATE#326776, FATE#326919): * cli: add --max-http-header-size flag * http: add maxHeaderSize property - Changes in version 10.14.2 * deps: upgrade to c-ares v1.15.0 * child_process: handle undefined/null for fork() args * http2: make Http2Settings constructors delegate * os: fix memory leak in userInfo() - fix_ci_tests.patch: refreshed- New upstream LTS version 10.14.1 (still bsc#1112438, FATE#326776): * deps: Upgrade to OpenSSL 1.1.0j, fixing + Timing vulnerability in DSA signature generation (bsc#1113652, CVE-2018-0734) + Timing vulnerability in ECDSA signature generation (bsc#1113651, CVE-2018-0735) * http: + Headers received by HTTP servers must not exceed 8192 bytes in total to prevent possible Denial of Service attacks. (bsc#1117626, CVE-2018-12121) + A timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. (bsc#1117627, CVE-2018-12122) * url: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol. (bsc#1117629, CVE-2018-12123)- flaky_test_rerun.patch: Rerun failing tests in case of flakiness- New upstream LTS 10.13.0: (bsc#1112438, FATE#326776) * buffer: fix crash for invalid index types * deps: fix wrong default for v8 handle zapping - env_shebang.patch: dropped - skip_test_on_lowmem.patch: skip some build tests on low-memory build machines- node-gyp-addon-gypi.patch: patch fixes (bsc#1094617)- add support for runnign valgrind tests during check, disabled by default - valgrind_fixes.patch: valgrind fixes- New upstream version 10.12.0: * cli: + The options parser now normalizes _ to - in all multi-word command-line flags, e.g. --no_warnings == --no-warnings + Added bash completion for the node binary. To generate a bash completion script, run node --completion-bash. * crypto: + Added support for PEM-level encryption. + Added an API asymmetric key pair generation. * fs: Added a recursive option to fs.mkdir and fs.mkdirSync. * http2: + Added support for the ORIGIN frame. + Added a 'ping' event to Http2Session that is emitted whenever a non-ack PING is received. + Updated nghttp2 to 1.34.0. This adds RFC 8441 extended connect protocol support to allow use of WebSockets over HTTP/2. * module: Added module.createRequireFromPath(filename). This new method can be used to create a custom require function that will resolve modules relative to the filename path. * process: Added a 'multipleResolves' process event that is emitted whenever a Promise is attempted to be resolved multiple times, e.g. if the resolve and reject functions are both called in a Promise executor. * url: Added url.fileURLToPath(url) and url.pathToFileURL(path) * util: + Added the sorted option to util.inspect() + Added support for BigInt numbers in util.format() * V8 API: A number of V8 C++ APIs have been marked as deprecated * Workers: + Added debugging support for Workers via DevTools protocol + The public inspector module is now enabled in Workers. - fix_ci_tests.patch: updated- fix_ci_tests.patch: fix unit tests- New upstream version 10.11.0: * fs: Fixed fsPromises.readdir withFileTypes. * http2: Added http2stream.endAfterHeaders property. * util: Added util.types.isBoxedPrimitive(value). - 21257.diff: drop the patch in favour of running node compilation by redirecting stdio through a FIFO - versioned.patch: refreshed - fix_ci_tests.patch: explicity disable doc target in unit tests- New upstream version 10.10.0: * child_process: TypedArray and DataView values are now accepted as input by execFileSync and spawnSync. * coverage: Native V8 code coverage information can now be output to disk by setting the environment variable NODE_V8_COVERAGE to a directory. * deps: The bundled npm was upgraded to version 6.4.1. * fs: + The methods fs.read, fs.readSync, fs.write, fs.writeSync, fs.writeFile and fs.writeFileSync now all accept TypedArray and DataView objects. + A new boolean option, withFileTypes, can be passed to fs.readdir and fs.readdirSync. If set to true, the methods return an array of directory entries. These are objects that can be used to determine the type of each entry and filter them based on that without calling fs.stat. * http2: The http2 module is no longer experimental. * os: Added two new methods: os.getPriority and os.setPriority, allowing to manipulate the scheduling priority of processes. * process: Added process.allowedNodeEnvironmentFlags. This object can be used to programmatically validate and list flags that are allowed in the NODE_OPTIONS environment variable. * src: Deprecated option variables in public C++ API. * vm: Added vm.compileFunction, a method to create new JavaScript functions from a source body, with options similar to those of the other vm methods. - 21257.diff: refresh patch (and make it forward apply) - versioned.patch, env_shebang.path: refreshed- 21257.diff: Revert an upstream revert that resulted that stdout remaining O_NONBLOCK during build process. This resulted in build failures.- New upstream release 10.9.0: * buffer: + Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2 encoding (CVE-2018-12115, bsc#1105019) + Fix unintentional exposure of uninitialized memory in Buffer.alloc() (bsc#1105018, CVE-2018-7166) * deps: Upgrade to OpenSSL 1.0.2p, fixing: + Client DoS due to large DH parameter (CVE-2018-0732, bsc#1097158) + ECDSA key extraction via local side-channel * http: http.get() and http.request() (and https variants) now accept three arguments to allow for a URL and options object- New upstream release 10.8.0: * deps: upgrade npm to 6.2.0 - Changes in version 10.7.0: * console: The console.timeLog() method has been implemented. * http: Added support for passing both timeout and agent options to http.request. * inspector: Expose the original console API in require('inspector').console. * napi: Added experimental support for functions dealing with bigint numbers. * process: + The process.hrtime.bigint() method has been implemented. + Added the --title command line argument to set the process title on startup. * trace_events: Added process_name metadata. - icu_small_grouping.patch: upstreamed - versioned.patch, env_shebang.patch: refreshed - update Jan's description changes for grammar and merge into git- Ensure neutrality of description. - Use %make_install.- New upstream release 10.6.0: * dns: An experimental promisified version of the dns module is now available. Give it a try with require('dns').promises. * fs: fs.lchown has been undeprecated now that libuv supports it. * lib: Atomics.wake is being renamed to Atomics.notify in the ECMAScript specification (reference). Since Node.js now has experimental support for worker threads, we are being proactive and added a notify alias, while emitting a warning if wake is used. * n-api: Add API for asynchronous functions. * util: util.inspect is now able to return a result instead of throwing when the maximum call stack size is exceeded during inspection. * vm: Add script.createCachedData(). This API replaces the produceCachedData option of the Script constructor that is now deprecated * worker: Support for relative paths has been added to the Worker constructor. Paths are interpreted relative to the current working directory. - versioned.patch: refreshed- New upstream release 10.5.0: * crypto: Support for crypto.scrypt() has been added * fs: + APIs that take mode as arguments no longer throw on values larger than 0o777 + BigInt support has been added to fs.stat and fs.watchFile + Fix crashes in closed event watchers. * worker_threads: multi-threading has been added behind the - -experimental-worker flag in the worker_threads module. This feature is *experimental* and may receive breaking changes at any time. - npm_search_paths.patch: Fix typo causing npm to not work- New upstream release 10.4.1: * Fixes memory exhaustion DoS: Fixes a bug that increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream (CVE-2018-7164, bsc#1097537) * http2: + Fixes Denial of Service vulnerability by updating the http2 implementation to not crash under certain circumstances during cleanup (CVE-2018-7161, bsc#1097404) + Unbundled nghttp2 to fix Denial of Service vulnerability (CVE-2018-1000168, bsc#1097401) * tls: Fixes Denial of Service vulnerability by updating the TLS implementation to not crash upon receiving (CVE-2018-7162, bsc#1097538)- New upstream release 10.4.0: * deps: update V8 to 6.7.288.43 * stream: ensure Stream.pipeline re-throws errors without callback - Changes in version 10.3.0: * deps: upgrade npm to 6.1.0 * fs: fix reads with pos > 4GB * net: new option to allow IPC servers to be readable and writable by all users * stream: fix removeAllListeners() for Stream.Readable to work as expected when no arguments are passed npm_search_paths.patch: no longer override explicitly prefixed etc/ versioned.patch, env_shebang.patch: refreshed- New upstream release 10.2.0: * addons: Fixed a memory leak for users of AsyncResource and N-API. * assert: The error parameter of assert.throws() can now be an object containing regular expressions. * crypto: The authTagLength option has been made more flexible. * esm: Builtin modules now provide named exports in ES6 modules. * http: Handling of close and aborted events has been made more consistent. * module: add --preserve-symlinks-main * timers: timeout.refresh() has been added to the public API. - fix_ci_tests.patch: refreshed - versioned.patch: refreshed- use gcc7 for SLE12 - versioned.patch: set node version in environment to 10 - manual_configure.patch: configure nghttp2 correctly - icu_small_grouping.patch: prevents undefined behaviour possibility- New upstream release 10.1.0: * console: make console.table() use colored inspect * fs: move fs/promises to fs.promises * http: added aborted property to request * n-api: initialize a module via a special symbol * src: add public API to expose the main V8 Platform - Changes in version 10.0.0: * Assert: + Calling assert.fail() with more than one argument is deprecated. + Calling assert.ok() with no arguments will now throw. + Calling assert.ifError() will now throw with any argument other than undefined or null. Previously the method would throw with any truthy value. * Async_hooks: + Older experimental async_hooks APIs have been removed. * Buffer: + Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning. + Buffer.isEncoding() now returns undefined for falsy values, including an empty string. + Buffer.fill() will throw if an attempt is made to fill with an empty Buffer. * Child Process: Undefined properties of env are ignored. * console: console.table() method has been added. * crypto: + The crypto.createCipher() and crypto.createDecipher() methods have been deprecated. Please use crypto.createCipheriv() and crypto.createDecipheriv() instead. + The decipher.finaltol() method has been deprecated. + The crypto.DEFAULT_ENCODING property has been deprecated. + The ECDH.convertKey() method has been added. + The crypto.fips property has been deprecated. * deps: + V8 has been updated to 6.6 + npm upgraded to 5.8.0 * EventEmitter: + The EventEmitter.prototype.off() method has been added as an alias for EventEmitter.prototype.removeListener(). * File System: + The fs/promises API provides experimental promisified versions of the fs functions. + Invalid path errors are now thrown synchronously. + fs.readFile() method now partitions reads to avoid thread pool exhaustion. * http: + Processing of HTTP Status codes 100, 102-199 has been improved. + Multi-byte characters in URL paths are now forbidden. * N-API: The n-api is no longer experimental. * net: The 'close' event will be emitted after 'end'. * perf_hooks: + The PerformanceObserver class is now an AsyncResource and can be monitored using async_hooks. + Trace events are now emitted for performance events. + The performance API has been simplified. + Performance milestone marks will be emitted as trace events. * process: + Using non-string values for process.env is deprecated. + The process.assert() method is deprecated. * repl: + REPL now experimentally supports top-level await when using the --experimental-repl-await flag. + The previously deprecated "magic mode" has been removed. + The previously deprecated NODE_REPL_HISTORY_FILE environment variable has been removed. + Proxy objects are shown as Proxy objects when inspected. * streams: + The 'readable' event is now always deferred with nextTick. + A new pipeline() method has been provided for building end-to-data stream pipelines. + support for async for-await has been added to stream.Readable * timers: The enroll() and unenroll() methods have been deprecated * tls: + The tls.convertNPNProtocols() method has been deprecated. + Support for NPN (next protocol negotiation) has been dropped. + The ecdhCurve default is now 'auto'. * Trace Events: + A new trace_events top-level module allows trace event categories to be enabled/disabled at runtime. * URL: The WHATWG URL API is now a global. * Util: + util.types.is[…] type checks have been added. + Support for bigint formatting has been added to util.inspect(). - OpenSSL 1.1.0+ is required. - versioned.patch: rebased- New upstream release 9.11.1: * deps: Updated ICU to 61.1 * fs: Emit 'ready' event for ReadStream and WriteStream * n-api: Bump version of n-api supported to 3 * net: Emit 'ready' event for Socket - versioned.patch, nodejs-libpath.patch: refreshed- Install license with %license, not %doc (bsc#1082318)- Fix some node-gyp permissions- New upstream release 9.10.1: * Security fixes: + Fix for inspector DNS rebinding vulnerability (bsc#1087463, CVE-2018-7160) + Fix for 'path' module regular expression denial of service (bsc#1087459, CVE-2018-7158) + Reject spaces in HTTP Content-Length header values (bsc#1087453, CVE-2018-7159) * cluster: Add support for NODE_OPTIONS="--inspect" * crypto: Expose the public key of a certificate * n-api: Add napi_fatal_exception to trigger an uncaughtException in JavaScript * path: Fix regression in posix.normalize * stream: Improve stream creation performance * update bundled OpenSSL for codestreams older than SLE12:SP2- New upstream release 9.9.0: * assert: From now on all error messages produced by assert in strict mode will produce a error diff. * crypto: allow passing null as IV unless required * fs: support as and as+ flags in stringToFlags() * tls: expose Finished messages in TLSSocket * tty: Add getColorDepth function to determine if terminal supports colors. * util: add util.inspect compact option - Changes in version 9.8.0: * crypto: add cert.fingerprint256 as SHA256 fingerprint * http2: Fixed issues with aborted connections * loader: --inspect-brk now works properly for esmodules * src: make process.dlopen() load well-known symbol * trace_events: add file pattern cli option - remove any old manpage files in %pre from before update-alternatives were used to manage symlinks to these manpages.- New upstream release 9.7.1/9.7.0: * deps: libuv updated to 1.19.2 * src: Add initial support for Node.js-specific post-mortem metadata * timers: return value of setImmediate() now has ref() and unref() * util: platform-specific error codes now have string representation - Changes in version 9.6.0: * async_hooks: + deprecate unsafe emit{Before,After} + rename PromiseWrap.parentId to PromiseWrap.isChainedPromise * deps: + update node-inspect to 1.11.3 + ICU 60.2 bump + Introduce ScriptOrModule and HostDefinedOptions to V8 * http: add options to http.createServer() for IncomingMessage and ServerReponse * http2: add http fallback options to .createServer * https: Adds the remaining options from tls.createSecureContext() to the string generated by Agent#getName(). This allows https.request() to accept the options and generate unique sockets appropriately. * inspector: --inspect-brk for es modules * lib: allow process kill by signal number * module: enable dynamic import * n-api: add methods to open/close callback scope * src: allow --perf-(basic-)?prof in NODE_OPTIONS * vm: add support for es modules - gyp_to_python3.patch: attempt to add support for python3. - fix_ci_tests.patch, versioned.patch: refreshed- Add Recommends and BuildRequire on python2 for npm. node-gyp requires this old version of python for now. This is only needed for binary modules.- Fix spec file typo - Use gcc7 on Leap 42.3- New upstream release 9.5.0: * cluster: add cwd to cluster.settings * deps: libuv upgraded to 1.19.1 * n-api: expose n-api version in proces.versions * perf_hooks: add performance.clear() * stream: avoid writeAfterEnd() - Changes in release 9.4.0: * async_hooks: deprecate AsyncHooks Sensitive API and runInAsyncIdScope. Neither was documented. * deps: + upgrade nghttp2 to 1.29.0 + upgrade npm to 5.6.0 * http2: + implement maxSessionMemory + add initial support for originSet + add altsvc support + perf_hooks integration * net: remove Socket.prototype.listen * repl: show lexically scoped vars in tab completion * stream: + remove writeableState.length and readableState.length + add flow and buffer properties to streams * util: allow windcards in NODE_DEBUG variable * zlib: add ArrayBuffer support- even on recent codestreams there is no binutils gold on s390 only on s390x- nodejs-sle11-python26-check_output.patch: refreshed- Enable CI tests in %check target + fix_ci_tests.patch: - DNS queries in buildroots are failing with EAI_AGAIN - disable test-module-loading-globalpaths.js - we have hardcoded global paths + versioned.patch: call versioned node binary for tests - node-gyp-addon-gypi.patch: fix typo allowing unit tests to compile- New upstream release 9.3.0: * async_hooks: + add trace events to async_hooks + add provider types for net server * console: console.debug can now be used outside of the inspector * deps: + upgrade libuv to 1.18.0 + patch V8 to 6.2.414.46 * module.builtinModules will return a list of built in modules * n-api: add helper for addons to get the event loop * process: + process.setUncaughtExceptionCaptureCallback can now be used to customize behavior for --abort-on-uncaught-exception + A signal handler is now able to receive the signal code that triggered the handler. * stream: writable.writableHighWaterMark and readable.readableHighWaterMark will return the values the stream object with which it was instantiated. - Dropped 8334.diff - no longer needed- New upstream release 9.2.1: * buffer: buffers allocated with an invalid content will now be zero filled [ CVE-2017-15897 ] * deps/openssl: updated to 1.0.2n (only applies to SLE 12 SP1 and lower) (bsc#1072322) [ CVE-2017-3738 CVE-2017-15896 ] - Remove unnecessary curl BuildRequires - Enable gold linker on s390x (TW and SLE/Leap 15) - Build with bundled ICU if system ICU not available (only applies to SLE 11/12 and Leap 42.x)- Change BuildRequires from openssl-devel to libopenssl-1_0_0-devel due to Tumbleweed/Leap 15 change to OpenSSL 1.1.0 as default- Update nodejs.keyring based on current Release Team as found on https://github.com/nodejs/node#release-team - New upstream version 9.2.0 * crypto: Support building with both OpenSSL 1.1.0 * fs: fs.realpathSync.native and fs.realpath.native are now exposed * process: expose process.ppid- Fix permissions of node-gyp. This should be executable to allow building of binary node modules.- New upstream version 9.1.0 * cli: NODE_OPTIONS now supports the --stack-trace-limit option. * http: + A 'connect' event handler leak has been fixed. + The 103 Early Hints status code is now supported. - Changes in upstream version 9.0.0 * async: Older experimental APIs have been removed. * errors: The assignment of static error codes to Node.js errors * child_processes: Errors are emitted on process nextTick. * domains: The long-deprecated .dispose() method has been removed * fs: + fs.ReadStream and fs.WriteStream classes now use destroy(). + module callbacks are now invoked with an undefined context. * HTTP/1: + 400 Bad Request response will now be sent when parsing fails. + Socket timeout will be set when the socket connects. + A bug causing the request 'error' event to fire twice is fixed. + HTTP clients may now use generic Duplex streams in addition to net.Socket. * intl: The deprecated Intl.v8BreakIterator has been removed. * os: The os.EOL property is now read-only * timers: setTimeout() will emit a warning if the timeout is larger that the maximum 32-bit unsigned integer. - .changes file trimmed to only include changes relative to 9.x line. If you would like to see older changes, please see nodejs8 package. - icu59.patch 0f3e69db.patch: removed empty patcheslamb60 1630679497  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~10.24.1-lp152.2.18.1nodejs10-docsapiaddons.htmladdons.jsonaddons.mdall.htmlall.jsonassert.htmlassert.jsonassert.mdassetssh.csssh_javascript.min.jssh_main.jsstyle.cssasync_hooks.htmlasync_hooks.jsonasync_hooks.mdbuffer.htmlbuffer.jsonbuffer.mdchild_process.htmlchild_process.jsonchild_process.mdcli.htmlcli.jsoncli.mdcluster.htmlcluster.jsoncluster.mdconsole.htmlconsole.jsonconsole.mdcrypto.htmlcrypto.jsoncrypto.mddebugger.htmldebugger.jsondebugger.mddeprecations.htmldeprecations.jsondeprecations.mddgram.htmldgram.jsondgram.mddns.htmldns.jsondns.mddocumentation.htmldocumentation.jsondocumentation.mddomain.htmldomain.jsondomain.mderrors.htmlerrors.jsonerrors.mdesm.htmlesm.jsonesm.mdevents.htmlevents.jsonevents.mdfs.htmlfs.jsonfs.mdglobals.htmlglobals.jsonglobals.mdhttp.htmlhttp.jsonhttp.mdhttp2.htmlhttp2.jsonhttp2.mdhttps.htmlhttps.jsonhttps.mdindex.htmlindex.jsonindex.mdinspector.htmlinspector.jsoninspector.mdintl.htmlintl.jsonintl.mdmodules.htmlmodules.jsonmodules.mdn-api.htmln-api.jsonn-api.mdnet.htmlnet.jsonnet.mdos.htmlos.jsonos.mdpath.htmlpath.jsonpath.mdperf_hooks.htmlperf_hooks.jsonperf_hooks.mdprocess.htmlprocess.jsonprocess.mdpunycode.htmlpunycode.jsonpunycode.mdquerystring.htmlquerystring.jsonquerystring.mdreadline.htmlreadline.jsonreadline.mdrepl.htmlrepl.jsonrepl.mdstream.htmlstream.jsonstream.mdstring_decoder.htmlstring_decoder.jsonstring_decoder.mdsynopsis.htmlsynopsis.jsonsynopsis.mdtimers.htmltimers.jsontimers.mdtls.htmltls.jsontls.mdtracing.htmltracing.jsontracing.mdtty.htmltty.jsontty.mdurl.htmlurl.jsonurl.mdutil.htmlutil.jsonutil.mdv8.htmlv8.jsonv8.mdvm.htmlvm.jsonvm.mdworker_threads.htmlworker_threads.jsonworker_threads.mdzlib.htmlzlib.jsonzlib.md/usr/share/doc/packages//usr/share/doc/packages/nodejs10-docs//usr/share/doc/packages/nodejs10-docs/api//usr/share/doc/packages/nodejs10-docs/api/assets/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:16904/openSUSE_Leap_15.2_Update/1ee81da503f6803636224b8e3ca898b0-nodejs10.openSUSE_Leap_15.2_Updatedrpmxz5x86_64-suse-linux        directoryHTML document, UTF-8 Unicode text, with very long linesC++ source, ASCII textHTML document, ASCII text, with very long linesexported SGML document, ASCII textASCII textexported SGML document, ASCII text, with very long lines, with no line terminatorsassembler source, ASCII textexported SGML document, UTF-8 Unicode textJava source, ASCII textexported SGML document, ASCII text, with very long linesC source, UTF-8 Unicode textUTF-8 Unicode text, with very long linesAlgol 68 source, UTF-8 Unicode textGmv R}7utf-8a41b85321706fd8d4ad3768791b78c41343730fa44f211ed52dd72e27f3100ae?P7zXZ !t/^]"k%kbka^Q0G[2P đ@'Z=8zUqދ֣Z xZY ÚAѾ;"O /͗ {ک,ccm`l8{#Ձ^^0ٻ;F;>\F҅Tx&uO,7 CI^Yet IW1}i{e:Dk.U,뎸pVq53F'![WyBTIƧ5붺[xԨy4[Iq=tI~%DdjOK@4cR ],x9f"I^SXʫ'$<%~~R|I?< ѪƍЋ3k߿ ^[ٲ#v+J݅ 7`?Tz]NMMC"HB)ۍ\r77܈ټ=a70߬"/(/}`xzVJud(q= c(]X>ʽƻ^ѵ2O!8se Nk2$hjr}`@AG[! ']UOTg{7ʻ7MΚ[d&Ґ!gŕ?'quojqqOci!3 !'Rs{֭rH~l͚$fM%Y "V q z%zK7z.ɘWfr.l澖)h8Vp$x`< ħ K]s/y۔Oܥmf,1P, ,…25?i;7EWbKsx* Bݝ4tR?[PLR$7Hh_*̷: <"LeMnu\Б/SJG%|97jQimlɩ^wER68G(xqGzeP=hkQfuhYiBA.&ado řTyv bݩ3qxt pơ2V4LRl-9cyfj"0UL3 NyhU8{K;r[QM %~'K?>*8`KkL-KטmSe"JĬ{'ߙ Aeju5򏳸Jj0c!x͢SS 魮iNO}Lj¾[&%U*_n{偰?&? /[ªx_x&R"n75~mu$9r5{GG}̈XaY=H[8Cs2ܼWr+OsH?M55%C7`+[]K2&IqX KO7vʁgax*XDt}4.+i(*;%)z9@eCt+k"6"CzRrn t'Oߢ+5P-c('S@9ѓp>5;/틆ON֮cR)YǤPeuaʇyJJv)/CuN~*?u2,MPUn#l/SZuIص>9{*-j^k.XD+dXN'}%zɘ ͵4N YZ