Node v14.15.2 (LTS)
Notable Changes deps: upgrade npm to 6.14.9 (Myles Borins) #36450 update acorn to v8.0.4 (Michaël Zasso) #35791 doc: add release key for Danielle Adams (Danielle Adams) #35545 http2: check write not...
View ArticleNode v14.15.3 (LTS)
Notable ChangesNode.js v14.15.2 included a commit that has caused reported breakages when cloning request objects. This release reverts the commit that introduced the behaviour change. See...
View ArticleNode v15.5.0 (Current)
Notable ChangesExtended support for AbortSignal in child_process and streamThe following APIs now support an AbortSignal in their options object: child_process.spawn() Calling .abort() on the...
View ArticleNode v15.5.1 (Current)
Notable changesVulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS...
View ArticleNode v14.15.4 (LTS)
Notable ChangesVulnerabilities fixed: CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more...
View ArticleNode v10.23.1 (LTS)
Notable changesThis is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS...
View ArticleNode v12.20.1 (LTS)
Notable changesThis is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS...
View ArticleJanuary 2021 Security Releases
(Update 4-Jan-2021) Security releases availableUpdates are now available for v10,x, v12.x, v14.x and v15.x Node.js release lines for the following issues. In addition to the vulnerabilities listed...
View ArticleNode v15.6.0 (Current)
Notable Changes child_process: add 'overlapped' stdio flag (Thiago Padilha) #29412 support AbortSignal in fork (Benjamin Gruenbaum) #36603 crypto: implement basic secure heap support (James M Snell)...
View ArticleNode v15.7.0 (Current)
Notable changes buffer: introduce Blob (James M Snell) #36811 add base64url encoding option (Filip Skokan) #36952 doc: add @iansu to collaborators (Ian Sutherland) #36951 add @RaisinTen to...
View ArticleNode v10.23.2 (LTS)
Notable changesRelease keys have been synchronized with the main branch. deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838 Commits [cc6b69557a] - deps: upgrade npm to 6.14.11 (Darcy Clarke) #36838...
View ArticleNode v15.8.0 (Current)
Notable Changes [110063d694] - (SEMVER-MINOR) crypto: add generatePrime/checkPrime (James M Snell) #36997 [53a0bdff47] - (SEMVER-MINOR) crypto: experimental (Ed/X)25519/(Ed/X)448 support (James M...
View ArticleNode v14.15.5 (LTS)
Notable Changes deps: upgrade npm to 6.14.11 (Ruy Adorno) #37173 V8: backport dfcf1e86fac0 (Michaël Zasso) #37245 Note: Node.js is not believed to be vulnerable to CVE-2021-21148. stream,zlib: do not...
View ArticleNode v10.23.3 (LTS)
Notable changesThe update to npm 6.14.11 has been relanded so that npm correctly reports its version. Commits [953a85035d] - crypto: fix crash when calling digest after piping (Tobias Nießen) #28251...
View ArticleNode v12.20.2 (LTS)
Notable changes deps: upgrade npm to 6.14.11 (Ruy Adorno) #37173 Commits [e8a4e560ea] - async_hooks: fix leak in AsyncLocalStorage exit (Stephen Belanger) #35779 [427968d266] - deps: upgrade npm to...
View ArticleNode v15.9.0 (Current)
Notable Changes crypto: add keyObject.export() 'jwk' format option (Filip Skokan) #37081 deps: upgrade to libuv 1.41.0 (Colin Ihrig) #37360 doc: add dmabupt to collaborators (Xu Meng) #37377 refactor...
View ArticleFebruary 2021 Security Releases
SummaryThe Node.js project will release new versions of all supported release lines on or shortly after Tuesday, February 23th, 2021. One Critical severity issue One High severity issue One Low...
View ArticleNode v10.24.0 (LTS)
Notable changesVulnerabilities fixed: CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when...
View ArticleNode v15.10.0 (Current)
Notable changesVulnerabilities fixed: CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when...
View ArticleNode v12.21.0 (LTS)
Notable changesVulnerabilities fixed: CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when...
View Article