2020-11-16, Version 12.19.1 'Erbium' (LTS), @BethGriggs
Notable changes
This is a security release.
Vulnerabilities fixed:
- CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.
Commits
- [
022899e1d5
] - deps: cherry-pick 0d252eb from upstream c-ares (Michael Dawson) nodejs-private/node-private#231