Release proposal: v0.10.42 (Maintenance)
Security release, to go out ~ Tuesday, the 9th of February, 11pm UTC with releases across all active lines as per https://groups.google.com/d/msg/nodejs-sec/G8IA0G4uA88/So3Cw84YDwAJ.
Commits so far:
- [
6dbcb188b0
] - build: enable xz compressed tarballs where possible (Rod Vagg) #4894 - [
b0a848c666
] - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) joyent/node#25368 - [
eb4666b9dc
] - doc: clarify v0.10.41 openssl tls security impact (Rod Vagg) #4153 - [
02bc6f3536
] - tools: backport tools/install.py for headers (Richard Lau) #4149
Pending additions being worked on by the security team, I'll get everything else ready here and finish it off in our private repo. Still needs "Notable items" filled out for OpenSSL.
Commit still on v0.10-staging
that we'll have to get to in a v0.10.43 soon after this release:
- [
9cae9b2290
] - domains: fix handling of uncaught exceptions (Julien Gilli) #3887
Trying not to include non-security and non-build changes in this release to minimise impact to users (well, minimise their perceived impact at least).