Notable Changes OpenSSL 1.1.1s This update is a bugfix release and does not address any security vulnerabilities. Root certificates updated to NSS 3.85 Certificates added: Autoridad de Certificacion Firmaprofesional CIF A62634068 Certainly Root E1 Certainly Root R1 D-TRUST BR Root CA 1 2020 D-TRUST EV Root CA 1 2020 DigiCert Read more…
Notable changes Time zone update Time zone data has been updated to 2022f. This includes changes to Daylight Savings Time (DST) for Fiji and Mexico. For more information, see https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html. Other notable changes buffer (SEMVER-MINOR) introduce 1File class (Khafra) #45139 deps update V8 to 10.8.168.20 (MichaĆ«l Zasso) #45230 doc deprecate Read more…
Notable changes Support function mocking on Node.js test runner The 1node:test module supports mocking during testing via a top-level 1mock object. 123456789101112test(‘spies on an object method’, (t) => { const number = { value: 5, add(a) { return this.value + a; Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High) CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High) CVE-2022-43548: DNS rebinding in –inspect via invalid octal IP address (Medium) More detailed information on each of the vulnerabilities can be found in Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High) CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High) CVE-2022-43548: DNS rebinding in –inspect via invalid octal IP address (Medium) More detailed information on each of the vulnerabilities can be found in Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-43548: DNS rebinding in –inspect via invalid octal IP address (Medium) More detailed information on each of the vulnerabilities can be found in November 2022 Security Releases blog post. Commits [ 19ffddd7098 ] – inspector: harden IP address validation again Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-43548: DNS rebinding in –inspect via invalid octal IP address (Medium) More detailed information on each of the vulnerabilities can be found in November 2022 Security Releases blog post. Commits [ 12b433af094 ] – inspector: harden IP address validation again Read more…
Notable changes deps: update corepack to 0.14.2 (Node.js GitHub Bot) #44775 src: add –openssl-shared-config option (Daniel Bevenius) #43124 Commits [ 1773f587912 ] – deps: cherry-pick libuv/libuv@3a7b955 (Ben Noordhuis) #43950 [ 1a1dea66956 ] – deps: cherry-pick libuv/libuv@abb109f (Ben Noordhuis) #43950 [ 198c49d81f5 ] – deps: update corepack to 0.14.2 (Node.js GitHub Read more…
Notable Changes This release marks the transition of Node.js 18.x into Long Term Support (LTS) with the codename ‘Hydrogen’. The 18.x release line now moves into “Active LTS” and will remain so until October 2023. After that time, it will move into “Maintenance” until end of life in April 2025. Read more…
Notable Changes Deprecations and Removals [ 17dd2f41c73 ] – (SEMVER-MAJOR) module: runtime deprecate exports double slash maps (Guy Bedford) #44495 [ 1ada2d053ae ] – (SEMVER-MAJOR) process: runtime deprecate coercion to integer in 1process.exit() (Daeyeon Jeong) #44711 HTTP(S)/1.1 KeepAlive by default Starting with this release, Node.js sets 1keepAlive to true by Read more…
