#13162 closed enhancement (fixed)

node.js-12.16.1

Reported by: Bruce Dubbs Owned by: ken@…
Priority: normal Milestone: 9.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by ken@…)

was: New point version (12.16.1). Bumping to 12.18 since we need to update to at least 12.17. The security link says "While this is not a critical update, all users of these release lines should upgrade at their earliest convenience."

2016-12-21, Version 0.12.18 (Maintenance), @rvagg

Notable changes:

npm: upgrade from v2.15.1 to v2.15.11, including accurate updated license (Jeremiah Senkpiel) process: process.versions.ares now outputs the c-ares version (Johan Bergström)

Commits:

[a47fd4549d] - build: add working lint-ci make target (Rod Vagg) https://github.com/nodejs/node/pull/9151 [830584ca59] - deps: define missing operator delete functions (John Barboza) https://github.com/nodejs/node/pull/10356 [c130b31cba] - deps: upgrade npm to 2.15.11 (Jeremiah Senkpiel) https://github.com/nodejs/node/pull/9619 [bc6766d847] - doc: update npm license in main LICENSE file (Rod Vagg) https://github.com/nodejs/node/pull/10352 [0cdf344c80] - (SEMVER-MINOR) process: reintroduce ares to versions (Johan Bergström) https://github.com/nodejs/node/pull/9191 [d8e27ec30a] - test: mark dgram-multicast-multi-process as flaky (Rod Vagg) https://github.com/nodejs/node/pull/9150 [c722335ead] - tls: fix minor jslint failure (Rod Vagg) https://github.com/nodejs/node/pull/9107

2016-10-18, Version 0.12.17 (Maintenance), @rvagg

This is a security release. All Node.js users should consult the security release summary at https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/ for details on patched vulnerabilities.

Notable changes:

c-ares: fix for single-byte buffer overwrite, CVE-2016-5180, more information at https://c-ares.haxx.se/adv_20160929.html (Daniel Stenberg)

Change History (10)

comment:1 by ken@…, 17 months ago

2020-02-18, Version 12.16.1 'Erbium' (LTS), @MylesBorins Notable changes

Node.js 12.16.0 included 6 regressions that are being fixed in this release

Accidental Unflagging of Self Resolving Modules:

12.16.0 included a large update to the ESM implementation. One of the new features, Self Referential Modules, was accidentally released without requiring the --experimental-modules flag. This release is being made to appropriately flag the feature.

Process Cleanup Changed Introduced WASM-Related Assertion:

A change during Node.js process cleanup led to a crash in combination with specific usage of WASM. This has been fixed by partially reverted said change. A regression test and a full fix are being worked on and will likely be included in future 12.x and 13.x releases.

Use Largepages Runtime Option Introduced Linking Failure:

A Semver-Minor change to introduce --use-largepages as a runtime option introduced a linking failure. This had been fixed in master but regressed as the fix has not yet gone out in a Current release. The feature has been reverted, but will be able to reland with a fix in a future Semver-Minor release.

Async Hooks was Causing an Exception When Handling Errors:

Changes in async hooks internals introduced a case where an internal api call could be called with undefined causing a process to crash. The change to async hooks was reverted. A regression test and fix has been proposed and the change could re-land in a future Semver-Patch release if the regression is reliably fixed.

New Enumerable Read-Only Property on EventEmitter breaks @types/extend

A new property for enumerating events was added to the EventEmitter class. This broke existing code that was using the @types/extend module for extending classses as @types/extend was attemping to write over the existing field which the new change made read-only. As this is the first property on EventEmitter that is read-only this feature could be considered Semver-Major. The new feature has been reverted but could re-land in a future Semver-Minor release if a non breaking way of applying it is found.

Exceptions in the HTTP parser were not emitting an uncaughtException

A refactoring to Node.js interanls resulted in a bug where errors in the HTTP parser were not being emitted by process.on('uncaughtException') when the async_hooks after hook exists. The fix to this bug has been included in this release.

comment:2 by ken@…, 17 months ago

Milestone: 9.29.1
Owner: changed from blfs-book to ken@…
Status: newassigned

I'm about to start a fresh build, will try this out.

If it still works enough for firefox, I guess this can go into 9.1 ?

comment:3 by ken@…, 17 months ago

Description: modified (diff)
Summary: node.js-12.16.1node.js-12.18

comment:4 by ken@…, 17 months ago

Priority: normalhigh

comment:5 by ken@…, 17 months ago

Source not yet available, I was accidentally looking at 0.12.18 (latest 0.12 instead of latest 12) from 2 years ago. Will have anotehr look tomorrow.

in reply to:  5 comment:6 by ken@…, 17 months ago

Replying to ken@…:

Source not yet available, I was accidentally looking at 0.12.18 (latest 0.12 instead of latest 12) from 2 years ago. Will have anotehr look tomorrow.

Ick. The security updates were also for 0.12.18 not 12.18. Reverting to 12.16.1, sorry for the noise

comment:7 by ken@…, 17 months ago

Summary: node.js-12.18node.js-12.16.1

comment:8 by ken@…, 17 months ago

Priority: highnormal

comment:9 by ken@…, 17 months ago

I'm surprised at how much quicker this builds on my haswell i7 compared to my ryzen 3400.

r22739

comment:10 by ken@…, 17 months ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.