Notable Changes [ 1ef6f98c2e3 ] – (SEMVER-MINOR) child_process: add support for URL to 1cp.fork (Antoine du Hamel) #41225 [ 1d62fe315c2 ] – (SEMVER-MINOR) crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto (James M Snell) #41266 [ 1fcb37e9ce5 ] – doc: add Mesteery to collaborators (Mestery) #41543 [ 14079fc42b7 ] – (SEMVER-MINOR) Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes OpenSSL-3.0.1 OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177. Other Notable Changes lib: make AbortSignal cloneable/transferable (James Read more…
Notable Changes This release contains a c-ares update to fix a regression introduced in Node.js 12.22.5 resolving CNAME records containing underscores #39780. Root certificates have been updated to those from Mozilla’s Network Security Services 3.71 #40281. Commits [ 12d42295d2a ] – build: pin macOS GitHub runner to macos-10.15 (Richard Lau) Read more…
Notable Changes [ 1c14eb2325d ] – deps: upgrade npm to 8.1.2 (npm team) #40643 [ 1a901b6c53c ] – deps: update c-ares to 1.18.1 (Richard Lau) #40660 This release contains a c-ares update to fix a regression introduced in Node.js v16.6.2 resolving CNAME records containing underscores (#39780). [ 1755c08573f ] – Read more…
Notable Changes [ 106916490af ] – (SEMVER-MINOR) async_hooks: expose async_wrap providers (Rafael Gonzaga) #40760 [ 1371ee64c92 ] – (SEMVER-MINOR) deps: update V8 to 9.6.180.14 (Michaël Zasso) #40488 [ 1675c210b04 ] – (SEMVER-MINOR) lib: add reason to AbortSignal (James M Snell) #40807 [ 10de2850680 ] – (SEMVER-MINOR) src: add x509.fingerprint512 to Read more…
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores #39780. Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Read more…
