Node v16.18.1 (LTS)
Notable changesThe following CVEs are fixed in this release: CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium) More detailed information on each of the vulnerabilities...
View ArticleNode v19.0.1 (Current)
Notable changesThe following CVEs are fixed in this release: CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High) CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)...
View ArticleNode v18.12.1 (LTS)
Notable changesThe following CVEs are fixed in this release: CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High) CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)...
View ArticleNode v19.1.0 (Current)
Notable changesSupport function mocking on Node.js test runnerThe node:test module supports mocking during testing via a top-level mock object. test('spies on an object method', (t) => { const...
View ArticleNode v19.2.0 (Current)
Notable changesTime zone updateTime zone data has been updated to 2022f. This includes changes to Daylight Savings Time (DST) for Fiji and Mexico. For more information, see...
View ArticleNode v14.21.2 (LTS)
Notable ChangesOpenSSL 1.1.1sThis OpenSSL version does not address any security vulnerabilities. Root certificates updated to NSS 3.85Certificates added: Autoridad de Certificacion Firmaprofesional CIF...
View ArticleNode v16.19.0 (LTS)
Notable ChangesOpenSSL 1.1.1sThis OpenSSL version does not address any security vulnerabilities. Root certificates updated to NSS 3.85Certificates added: Autoridad de Certificacion Firmaprofesional CIF...
View ArticleNode v19.3.0 (Current)
Notable ChangesUpdated npm to 9.2.0Based on the list of guidelines we've established on integrating npm and node, here is a grouped list of the breaking changes with the reasoning as to why they fit...
View ArticleOpenSSL 3.0.7 update assessment
SummaryThe vulnerability in the OpenSSL Security Advisory of Dec 13 2022 do not affect any active Node.js release lines. AnalysisOur assessment of the security advisory is: X.509 Policy Constraints...
View ArticleNode v18.13.0 (LTS)
Notable changesAdd support for externally shared js builtinsBy default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage...
View ArticleNode v19.4.0 (Current)
Notable Changes buffer: (SEMVER-MINOR) add buffer.isUtf8 for utf8 validation (Yagiz Nizipli) #45947 http: (SEMVER-MINOR) improved timeout defaults handling (Paolo Insogna) #45778 net: add...
View ArticleNode v19.5.0 (Current)
Notable Changes http: (SEMVER-MINOR) join authorization headers (Marco Ippolito) #45982 lib:: add webstreams to Duplex.from() (Debadree Chatterjee) #46190 stream: implement finished() for...
View ArticleNode v19.6.0 (Current)
Notable changesESM: Leverage loaders when resolving subsequent loadersLoaders now apply to subsequent loaders, for example: --experimental-loader ts-node --experimental-loader...
View ArticleNode v18.14.0 (LTS)
Notable changesUpdated npm to 9.3.1Based on the list of guidelines we've established on integrating npm and node, here is a grouped list of the breaking changes with the reasoning as to why they fit...
View ArticleTuesday February 14 2023 Security Releases
Pre-release announce SummaryThe Node.js project will release new versions of the 14.x, 16.x, 18.x and 19.x releases lines on or shortly after, Tuesday February 14 2023 in order to address: 2 low...
View ArticleNode v14.21.3 (LTS)
Notable ChangesThe following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23920: Node.js insecure loading of ICU...
View ArticleNode v16.19.1 (LTS)
Notable ChangesThe following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23919: Node.js OpenSSL error handling...
View ArticleNode v19.6.1 (Current)
Notable ChangesThe following CVEs are fixed in this release: CVE-2023-23919: OpenSSL errors not cleared in error stack (Medium) CVE-2023-23918: Experimental Policies bypass via...
View ArticleNode v18.14.1 (LTS)
Notable ChangesThe following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23919: Node.js OpenSSL error handling...
View ArticleNode v19.7.0 (Current)
Notable Changes [60a612607e] - deps: upgrade npm to 9.5.0 (npm team) #46673 [7d6c27eab1] - deps: add ada as a dependency (Yagiz Nizipli) #46410 [a79a8bf85a] - doc: add debadree25 to collaborators...
View Article