Release proposal: v0.12.14 (Maintenance) (!6622) · Merge requests · Rodrigo Test / Test Group-nodejs / node · GitLab

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

Rodrigo Muino Tomonari requested to merge v0.12.14-proposal into v0.12 May 06, 2016

2016-05-06, Version 0.12.14 (Maintenance), @rvagg

Notable changes:

npm: Correct erroneous version number in v2.15.1 code (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
openssl: Upgrade to v1.0.1t, addressing security vulnerabilities (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
- Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
- Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
- See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ for full details