deps: upgrade V8 to 4.5.103.35#3117
Closed
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Apply the latest fixes from V8 4.5 branch & bring us up to 4.5.103.35: * Disallow Object.observe calls on access checked objects. v8/v8@134e541 * Avoid excessive data copying for ExternalStreamingStream::SetBookmark. v8/v8@96dddb4
Member
indutny commented Sep 29, 2015
LGTM, if CI is green |
ContributorAuthor
ofrobots commented Sep 29, 2015
ContributorAuthor
ofrobots commented Sep 29, 2015
BTW, FYI, note that https://github.com/v8/v8 is the new home of the V8 github mirror. |
Member
bnoordhuis commented Sep 29, 2015
LGTM |
ContributorAuthor
ofrobots commented Sep 29, 2015
CI is green, but arm-v8 failed to run. I have launched an arm-only re-run here: https://ci.nodejs.org/job/node-test-commit-arm/766/ |
Contributor
trevnorris commented Sep 29, 2015
Looks like they're green. LGTM. |
Member
targos commented Sep 29, 2015
LGTM |
ContributorAuthor
ofrobots commented Sep 30, 2015
Added the land-on-4.x tag. I am assuming the release-magicians will land it. /cc @nodejs/release |
Contributor
Fishrock123 commented Sep 30, 2015
That is technically breaking, isn't it? Weird grey area. No real opinions here. |
Contributor
Fishrock123 commented Sep 30, 2015
cc @nodejs/lts ^ |
Member
rvagg commented Sep 30, 2015
I'm guessing v8/v8@134e541 is related to CVE-2015-1304. Seems like an appropriate bugfix to me that we want in v4, I'm fine with this so lgtm. |
Member
bnoordhuis commented Sep 30, 2015
No, it's a security fix. |
ofrobots added a commit that referenced this pull request Sep 30, 2015
Apply the latest fixes from V8 4.5 branch & bring us up to 4.5.103.35: * Disallow Object.observe calls on access checked objects. v8/v8@134e541 * Avoid excessive data copying for ExternalStreamingStream::SetBookmark. v8/v8@96dddb4 PR-URL: #3117 Reviewed-By: indutny - Fedor Indutny <[email protected]> Reviewed-By: bnoordhuis - Ben Noordhuis <[email protected]> Reviewed-By: trevnorris - Trevor Norris <[email protected]> Reviewed-By: targos - Michaël Zasso <[email protected]>
ContributorAuthor
ofrobots commented Sep 30, 2015
Landed on master in c273944. |
ofrobots added a commit that referenced this pull request Oct 2, 2015
Apply the latest fixes from V8 4.5 branch & bring us up to 4.5.103.35: * Disallow Object.observe calls on access checked objects. v8/v8@134e541 * Avoid excessive data copying for ExternalStreamingStream::SetBookmark. v8/v8@96dddb4 PR-URL: #3117 Reviewed-By: indutny - Fedor Indutny <[email protected]> Reviewed-By: bnoordhuis - Ben Noordhuis <[email protected]> Reviewed-By: trevnorris - Trevor Norris <[email protected]> Reviewed-By: targos - Michaël Zasso <[email protected]>
rvagg added a commit that referenced this pull request Oct 5, 2015
Notable changes * http: - Fix out-of-order 'finish' event bug in pipelining that can abort execution, fixes DoS vulnerability CVE-2015-7384 (Fedor Indutny) #3128 - Account for pending response data instead of just the data on the current request to decide whether pause the socket or not (Fedor Indutny) #3128 * libuv: Upgraded from v1.7.4 to v1.7.5, see release notes for details (Saúl Ibarra Corretgé) #3010 - A better rwlock implementation for all Windows versions - Improved AIX support * v8: - Upgraded from v4.5.103.33 to v4.5.103.35 (Ali Ijaz Sheikh) #3117 - Backported f782159 from v8's upstream to help speed up Promise introspection (Ben Noordhuis) #3130 - Backported c281c15 from v8's upstream to add JSTypedArray length in post-mortem metadata (Julien Gilli) #3031 PR-URL: #3128
rvagg added a commit that referenced this pull request Oct 5, 2015
Notable changes * http: - Fix out-of-order 'finish' event bug in pipelining that can abort execution, fixes DoS vulnerability CVE-2015-7384 (Fedor Indutny) #3128 - Account for pending response data instead of just the data on the current request to decide whether pause the socket or not (Fedor Indutny) #3128 * libuv: Upgraded from v1.7.4 to v1.7.5, see release notes for details (Saúl Ibarra Corretgé) #3010 - A better rwlock implementation for all Windows versions - Improved AIX support * v8: - Upgraded from v4.5.103.33 to v4.5.103.35 (Ali Ijaz Sheikh) #3117 - Backported f782159 from v8's upstream to help speed up Promise introspection (Ben Noordhuis) #3130 - Backported c281c15 from v8's upstream to add JSTypedArray length in post-mortem metadata (Julien Gilli) #3031 PR-URL: #3128
Contributor
MylesBorins commented Nov 17, 2015
landed in v4.x-staging in 5a9e795 |
Closed
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pick up the latest fixes from V8 4.5 branch & bring us up to 4.5.103.35:
v8/v8@134e541
v8/v8@96dddb4
R=@targos, @bnoordhuis
/cc @nodejs/v8