Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, Read more…
Notable changes OpenSSL-3.0.1 OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177. Other Notable Changes lib: make AbortSignal cloneable/transferable (James Read more…
Notable Changes This release contains a c-ares update to fix a regression introduced in Node.js 12.22.5 resolving CNAME records containing underscores #39780. Root certificates have been updated to those from Mozilla’s Network Security Services 3.71 #40281. Commits [ 12d42295d2a ] – build: pin macOS GitHub runner to macos-10.15 (Richard Lau) Read more…
Notable Changes [ 1c14eb2325d ] – deps: upgrade npm to 8.1.2 (npm team) #40643 [ 1a901b6c53c ] – deps: update c-ares to 1.18.1 (Richard Lau) #40660 This release contains a c-ares update to fix a regression introduced in Node.js v16.6.2 resolving CNAME records containing underscores (#39780). [ 1755c08573f ] – Read more…
Notable Changes [ 106916490af ] – (SEMVER-MINOR) async_hooks: expose async_wrap providers (Rafael Gonzaga) #40760 [ 1371ee64c92 ] – (SEMVER-MINOR) deps: update V8 to 9.6.180.14 (MichaĆ«l Zasso) #40488 [ 1675c210b04 ] – (SEMVER-MINOR) lib: add reason to AbortSignal (James M Snell) #40807 [ 10de2850680 ] – (SEMVER-MINOR) src: add x509.fingerprint512 to Read more…
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores #39780. Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Read more…
Notable Changes [ 189b34ecffb ] – doc: add VoltrexMaster to collaborators (voltrexmaster) #40566 [ 195e4d29eb4 ] – (SEMVER-MINOR) esm: add support for JSON import assertion (Antoine du Hamel) #40250 [ 11ddbae2d76 ] – (SEMVER-MINOR) lib: add unsubscribe method to non-active DC channels (simon-id) #40433 [ 1aa61551b49 ] – (SEMVER-MINOR) lib: Read more…
