Notable changes events: getEventListeners static (Benjamin Gruenbaum) #35991 fs: support abortsignal in writeFile (Benjamin Gruenbaum) #35993 add support for AbortSignal in readFile (Benjamin Gruenbaum) #35911 stream: fix thrown object reference (Gil Pedersen) #36065 Commits [ 19d9a044c1b ] – benchmark: ignore build artifacts for napi addons (Richard Lau) #35970 [ 14c6de854be Read more…
Notable changes buffer: introduce Blob (James M Snell) #36811 add base64url encoding option (Filip Skokan) #36952 doc: add @iansu to collaborators (Ian Sutherland) #36951 add @RaisinTen to collaborators (Darshan Sen) #36998 add @miladfarca to collaborators (Milad Fa) #36934 fs: allow 1position parameter to be a 1BigInt in read and readSync Read more…
Notable Changes child_process: add ‘overlapped’ stdio flag (Thiago Padilha) #29412 support AbortSignal in fork (Benjamin Gruenbaum) #36603 crypto: implement basic secure heap support (James M Snell) #36779 fixup bug in keygen error handling (James M Snell) #36779 introduce X509Certificate API (James M Snell) #36804 implement randomuuid (James M Snell) #36729 Read more…
Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method Read more…
Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method Read more…
Notable Changes Vulnerabilities fixed: CVE-2020-1971: OpenSSL – EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. Read more…
Notable Changes [ 1110063d694 ] – (SEMVER-MINOR) crypto: add generatePrime/checkPrime (James M Snell) #36997 [ 153a0bdff47 ] – (SEMVER-MINOR) crypto: experimental (Ed/X)25519/(Ed/X)448 support (James M Snell) #36879 [ 103460432af ] – deps: upgrade npm to 7.5.0 (Ruy Adorno) #37117 This update adds a new 1npm diff command. [ 12c7ad38c75 ] Read more…
Notable changes Release keys have been synchronized with the main branch. deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 Commits [ 1cc6b69557a ] – deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 [ 1aefb66528a ] – doc: update contact information for @BethGriggs (Beth Griggs) #35451 [ 108931481d8 ] – doc: Read more…
(Update 12-June-2018) Security releases available Summary Updates are now available for all active Node.js release lines. These include the fix for the vulnerabilities identified in the initial announcement (below). We recommend that all users upgrade as soon as possible. Downloads & release details Node.js 10.4.1 (Current) Node.js 9.11.2 Node.js 8.11.3 Read more…
(Update 28-March-2018) Security releases available Summary Updates are now available for all active Node.js release lines. These include the fix for the vulnerabilities identified in the initial announcement (below). In addition to the vulnerabilities in the initial announcement, we have also included a fix for a vulnerability in the Node.js Read more…
