Notable changes events: getEventListeners static (Benjamin Gruenbaum) #35991 fs: support abortsignal in writeFile (Benjamin Gruenbaum) #35993 add support for AbortSignal in readFile (Benjamin Gruenbaum) #35911 stream: fix thrown object reference (Gil Pedersen) #36065 Commits [ 19d9a044c1b ] – benchmark: ignore build artifacts for napi addons (Richard Lau) #35970 [ 14c6de854be Read more…
Notable Changes Diagnostics channel (experimental module) 1diagnostics_channel is a new experimental module that provides an API to create named channels to report arbitrary message data for diagnostics purposes. With 1diagnostics_channel , Node.js core and module authors can publish contextual data about what they are doing at a given time. This Read more…
Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method Read more…
Notable Changes Vulnerabilities fixed: CVE-2020-1971: OpenSSL – EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. Read more…
Notable Changes [ 1110063d694 ] – (SEMVER-MINOR) crypto: add generatePrime/checkPrime (James M Snell) #36997 [ 153a0bdff47 ] – (SEMVER-MINOR) crypto: experimental (Ed/X)25519/(Ed/X)448 support (James M Snell) #36879 [ 103460432af ] – deps: upgrade npm to 7.5.0 (Ruy Adorno) #37117 This update adds a new 1npm diff command. [ 12c7ad38c75 ] Read more…
Notable changes Release keys have been synchronized with the main branch. deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 Commits [ 1cc6b69557a ] – deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 [ 1aefb66528a ] – doc: update contact information for @BethGriggs (Beth Griggs) #35451 [ 108931481d8 ] – doc: Read more…
Notable changes buffer: introduce Blob (James M Snell) #36811 add base64url encoding option (Filip Skokan) #36952 doc: add @iansu to collaborators (Ian Sutherland) #36951 add @RaisinTen to collaborators (Darshan Sen) #36998 add @miladfarca to collaborators (Milad Fa) #36934 fs: allow 1position parameter to be a 1BigInt in read and readSync Read more…
Notable Changes child_process: add ‘overlapped’ stdio flag (Thiago Padilha) #29412 support AbortSignal in fork (Benjamin Gruenbaum) #36603 crypto: implement basic secure heap support (James M Snell) #36779 fixup bug in keygen error handling (James M Snell) #36779 introduce X509Certificate API (James M Snell) #36804 implement randomuuid (James M Snell) #36729 Read more…
Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method Read more…
