Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

2016-05-06 Version 0.12.14 (Maintenance) Release

Browse Source 
Notable changes:

* npm: Correct erroneous version number in v2.15.1 code
  (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
* openssl: Upgrade to v1.0.1t, addressing security vulnerabilities
  (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
  - Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
  - Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
  - See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/
    for full details
This commit is contained in:
Rod Vagg 2016-05-06 22:59:34 +10:00
parent 1ec421e122
commit 98b534ff5a
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
CHANGELOG.md
View File

@ -1,5 +1,27 @@
# Node.js ChangeLog
## 2016-05-06, Version 0.12.14 (Maintenance), @rvagg
### Notable changes:
* npm: Correct erroneous version number in v2.15.1 code (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
* openssl: Upgrade to v1.0.1t, addressing security vulnerabilities (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
- Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
- Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
- See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ for full details
### Commits:
* [3e99ee1b47] - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
* [2b63396e1f] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
* [f21705df58] - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [02b6a6bc27] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
* [1aecc668b0] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
* [39380836a0] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [08c8ae44a8] - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [f5a961ab13] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
* [810fb211a7] - tools: remove obsolete npm test-legacy command (Kat Marchán) https://github.com/nodejs/node/pull/5988
## 2016-05-06, Version 0.10.45 (Maintenance), @rvagg
### Notable changes: