Release proposal: v0.12.10 (LTS)
Security release, to go out ~ Tuesday, the 9th of February, 11pm UTC with releases across all active lines as per https://groups.google.com/d/msg/nodejs-sec/G8IA0G4uA88/So3Cw84YDwAJ.
Commits so far:
- [
352e3d8a65
] - build: enable xz compressed tarballs where possible (Rod Vagg) #4894 - [
86c737762e
] - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) joyent/node#25368 - [
8f2db882bd
] - doc: clarify v0.12.9 notable items (Rod Vagg) #4154 - [
4f81d78ec9
] - tools: backport tools/install.py for headers (Richard Lau) #4149
Pending additions being worked on by the security team, I'll get everything else ready here and finish it off in our private repo. Still needs "Notable items" filled out for OpenSSL.
Commits still on v0.12-staging
that we'll have to get to in a v0.12.11 soon after this release:
- [
fbc8cd9bbd
] - deps: backport 1f8555 from v8's upstream (Trevor Norris) #3945 - [
16417cc75a
] - domains: fix handling of uncaught exceptions (Julien Gilli) #3885 - [
9abceadaeb
] - node: fix leaking Context handle (Trevor Norris) #3945 - [
801f6ad8a3
] - src: fix build error without OpenSSL support (Jörg Krause) #4201 - [
409f6a9d30
] - src: use global SealHandleScope (Trevor Norris) #3945 - [
1effbd7b65
] - test: add test-domain-exit-dispose-again back (Julien Gilli) #4278 - [
d1ba82af1c
] - test: fix test-domain-exit-dispose-again (Julien Gilli) #3991
Trying not to include non-security and non-build changes in this release to minimise impact to users (well, minimise their perceived impact at least).