From b974d0dd646785a6b96ea1a525c203d2a583687b Mon Sep 17 00:00:00 2001
From: Rod Vagg <rod@vagg.org>
Date: Thu, 28 Feb 2019 16:10:16 +1100
Subject: 2019-02-28, Version 10.15.2 'Dubnium' (LTS)

This is a security release. All Node.js users should consult the security
release summary at:

  https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/

for details on patched vulnerabilities.

A fix for the following CVE is included in this release:

  * Node.js: Slowloris HTTP Denial of Service with keep-alive
    (CVE-2019-5737)

Notable Changes:

* http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
  connections by consistently applying the receive timeout set by
  `server.headersTimeout` to connections in keep-alive mode. Reported by
  Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)

PR-URL: https://github.com/nodejs-private/node-private/pull/164
---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'CHANGELOG.md')

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1bc75ae43c..bc4b4382b3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -42,7 +42,8 @@ release.
 <a href="doc/changelogs/CHANGELOG_V11.md#11.0.0">11.0.0</a><br/>
     </td>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V10.md#10.15.1">10.15.1</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V10.md#10.15.2">10.15.2</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V10.md#10.15.1">10.15.1</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.15.0">10.15.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.14.2">10.14.2</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.14.1">10.14.1</a><br/>
-- 
cgit v1.2.3