mirrors/nodejs
mirrors/nodejs
0
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Code Issues Releases Activity

2017-12-08, Version 4.8.7 'Argon' (LTS)

Browse Source 
This is a security release. All Node.js users should consult the
security release summary at
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
for details on patched vulnerabilities.

Fixes for the following CVEs are included in this release:

* CVE-2017-15896
* CVE-2017-3738 (from the openssl project)

Notable Changes:

* deps:
  * openssl updated to 1.0.2n (Shigeki Ohtsu)
    https://github.com/nodejs/node/pull/17526

PR-URL: https://github.com/nodejs/node/pull/17534
This commit is contained in:
Myles Borins 2017-12-07 15:24:08 -05:00
parent 07549c6a91
commit e832743f72
No known key found for this signature in database
GPG Key ID: 933B01F40B5CA946
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -87,7 +87,8 @@ release.
<a href="doc/changelogs/CHANGELOG_V6.md#6.0.0">6.0.0</a><br/>
</td>
<td valign="top">
<b><a href="doc/changelogs/CHANGELOG_V4.md#4.8.6">4.8.6</a></b><br/>
<b><a href="doc/changelogs/CHANGELOG_V4.md#4.8.7">4.8.7</a></b><br/>
<a href="doc/changelogs/CHANGELOG_V4.md#4.8.6">4.8.6</a><br/>
<a href="doc/changelogs/CHANGELOG_V4.md#4.8.5">4.8.5</a><br/>
<a href="doc/changelogs/CHANGELOG_V4.md#4.8.4">4.8.4</a><br/>
<a href="doc/changelogs/CHANGELOG_V4.md#4.8.3">4.8.3</a><br/>

26
doc/changelogs/CHANGELOG_V4.md
View File

@ -9,6 +9,7 @@
</tr>
<tr>
<td valign="top">
<a href="#4.8.7">4.8.7</a><br/>
<a href="#4.8.6">4.8.6</a><br/>
<a href="#4.8.5">4.8.5</a><br/>
<a href="#4.8.4">4.8.4</a><br/>
@ -68,6 +69,31 @@
[Node.js Long Term Support Plan](https://github.com/nodejs/LTS) and
will be supported actively until April 2017 and maintained until April 2018.
<a id="4.8.7"></a>
## 2017-12-08, Version 4.8.7 'Argon' (Maintenance), @MylesBorins
This is a security release. All Node.js users should consult the security release summary at https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/ for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2017-15896
* CVE-2017-3738 (from the openssl project)
### Notable Changes
* **deps**:
* openssl updated to 1.0.2n (Shigeki Ohtsu) [#17526](https://github.com/nodejs/node/pull/17526)
### Commits
* [[`4f8fae3493`](https://github.com/nodejs/node/commit/4f8fae3493)] - **deps**: update openssl asm and asm_obsolete files (Shigeki Ohtsu) [#17526](https://github.com/nodejs/node/pull/17526)
* [[`eacd090e7b`](https://github.com/nodejs/node/commit/eacd090e7b)] - **deps**: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) [nodejs/io.js#1836](https://github.com/nodejs/io.js/pull/1836)
* [[`3e6b0b0d13`](https://github.com/nodejs/node/commit/3e6b0b0d13)] - **deps**: fix asm build error of openssl in x86_win32 (Shigeki Ohtsu) [iojs/io.js#1389](https://github.com/iojs/io.js/pull/1389)
* [[`b0ed4c52af`](https://github.com/nodejs/node/commit/b0ed4c52af)] - **deps**: fix openssl assembly error on ia32 win32 (Fedor Indutny) [iojs/io.js#1389](https://github.com/iojs/io.js/pull/1389)
* [[`dd6a2dff1e`](https://github.com/nodejs/node/commit/dd6a2dff1e)] - **deps**: copy all openssl header files to include dir (Shigeki Ohtsu) [#17526](https://github.com/nodejs/node/pull/17526)
* [[`b3afedfbe9`](https://github.com/nodejs/node/commit/b3afedfbe9)] - **deps**: upgrade openssl sources to 1.0.2n (Shigeki Ohtsu) [#17526](https://github.com/nodejs/node/pull/17526)
* [[`f7eb162d0d`](https://github.com/nodejs/node/commit/f7eb162d0d)] - **openssl**: fix keypress requirement in apps on win32 (Shigeki Ohtsu) [iojs/io.js#1389](https://github.com/iojs/io.js/pull/1389)
<a id="4.8.6"></a>
## 2017-11-07, Version 4.8.6 'Argon' (Maintenance), @MylesBorins