Skip to content

Commit

Permalink
2016-05-06 Version 0.12.14 (Maintenance) Release
Browse files Browse the repository at this point in the history 
Notable changes:

* npm: Correct erroneous version number in v2.15.1 code
  (Forrest L Norvell) #5988
* openssl: Upgrade to v1.0.1t, addressing security vulnerabilities
  (Shigeki Ohtsu) #6553
  - Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
  - Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
  - See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/
    for full details
  • Loading branch information
@rvagg
rvagg committed May 6, 2016
1 parent 1ec421e commit 98b534f
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,27 @@
# Node.js ChangeLog

## 2016-05-06, Version 0.12.14 (Maintenance), @rvagg

### Notable changes:

* npm: Correct erroneous version number in v2.15.1 code (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
* openssl: Upgrade to v1.0.1t, addressing security vulnerabilities (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
- Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
- Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
- See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ for full details

### Commits:

* [3e99ee1b47] - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
* [2b63396e1f] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
* [f21705df58] - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [02b6a6bc27] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
* [1aecc668b0] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
* [39380836a0] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [08c8ae44a8] - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
* [f5a961ab13] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
* [810fb211a7] - tools: remove obsolete npm test-legacy command (Kat Marchán) https://github.com/nodejs/node/pull/5988

## 2016-05-06, Version 0.10.45 (Maintenance), @rvagg

### Notable changes:
Expand Down

0 comments on commit 98b534f

Please sign in to comment.