diff options
| author | Jeremiah Senkpiel <fishrock123@rocketmail.com> | 2016-03-02 18:46:04 -0500 |
|---|---|---|
| committer | Jeremiah Senkpiel <fishrock123@rocketmail.com> | 2016-03-02 18:46:04 -0500 |
| commit | 9091ccdc2d1d01709176484a1557e9ca8f3fab33 (patch) | |
| tree | d382f4c93e7fc3503e777d02ac47c45883b1b673 /benchmark/misc | |
| parent | 4c724dd43969b42d8fdc31b80501714dc706af93 (diff) | |
| download | android-node-v8-9091ccdc2d1d01709176484a1557e9ca8f3fab33.tar.gz android-node-v8-9091ccdc2d1d01709176484a1557e9ca8f3fab33.tar.bz2 android-node-v8-9091ccdc2d1d01709176484a1557e9ca8f3fab33.zip | |
2016-03-02, Version 5.7.1 (Stable)
Notable changes:
* governance: The Core Technical Committee (CTC) added four new members
to help guide Node.js core development: Evan Lucas, Rich Trott, Ali
Ijaz Sheikh and Сковорода Никита Андреевич (Nikita Skovoroda).
* openssl: Upgrade from 1.0.2f to 1.0.2g (Ben Noordhuis)
https://github.com/nodejs/node/pull/5507
- Fix a double-free defect in parsing malformed DSA keys that may
potentially be used for DoS or memory corruption attacks. It is likely
to be very difficult to use this defect for a practical attack and is
therefore considered low severity for Node.js users. More info is
available at https://www.openssl.org/news/vulnerabilities.html#2016-0705
- Fix a defect that can cause memory corruption in certain very rare
cases relating to the internal `BN_hex2bn()` and `BN_dec2bn()`
functions. It is believed that Node.js is not invoking the code paths
that use these functions so practical attacks via Node.js using this
defect are _unlikely_ to be possible. More info is available at
https://www.openssl.org/news/vulnerabilities.html#2016-0797
- Fix a defect that makes the CacheBleed Attack
(https://ssrg.nicta.com.au/projects/TS/cachebleed/) possible. This
defect enables attackers to execute side-channel attacks leading to the
potential recovery of entire RSA private keys. It only affects the
Intel Sandy Bridge (and possibly older) microarchitecture when using
hyper-threading. Newer microarchitectures, including Haswell, are
unaffected. More info is available at
https://www.openssl.org/news/vulnerabilities.html#2016-0702
* Fixed several regressions that appeared in v5.7.0:
- path.relative():
- Output is no longer unnecessarily verbose (Brian White)
https://github.com/nodejs/node/pull/5389
- Resolving UNC paths on Windows now works correctly (Owen Smith)
https://github.com/nodejs/node/pull/5456
- Resolving paths with prefixes now works correctly from the root
directory (Owen Smith) https://github.com/nodejs/node/pull/5490
- url: Fixed an off-by-one error with `parse()` (Brian White)
https://github.com/nodejs/node/pull/5394
- dgram: Now correctly handles a default address case when offset and
length are specified (Matteo Collina)
https://github.com/nodejs/node/pull/5407
PR-URL: https://github.com/nodejs/node/pull/5464
Diffstat (limited to 'benchmark/misc')
0 files changed, 0 insertions, 0 deletions