This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs
and security issues:
- Nodejs embedded openssl version update
- upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,
CVE-2016-6306, CVE-2016-7052)
- remove support for dynamic 3rd party engine modules
- http: Properly validate for allowable characters in input user data.
This introduces a new case where throw may occur when configuring HTTP
responses, users should already be adopting try/catch here.
(CVE-2016-5325, bsc#985201)
- tls: properly validate wildcard certificates (CVE-2016-7099, bsc#1001652)
- buffer: Zero-fill excess bytes in new Buffer objects created with
Buffer.concat()