Release proposal: v0.12.14 (Maintenance)
2016-05-06, Version 0.12.14 (Maintenance), @rvagg
Notable changes:
- npm: Correct erroneous version number in v2.15.1 code (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
- openssl: Upgrade to v1.0.1t, addressing security vulnerabilities (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
- Fixes CVE-2016-2107 "Padding oracle in AES-NI CBC MAC check"
- Fixes CVE-2016-2105 "EVP_EncodeUpdate overflow"
- See https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ for full details