diff options
| author | Richard Lau <rlau@redhat.com> | 2022-03-18 00:27:24 +0300 |
|---|---|---|
| committer | Richard Lau <rlau@redhat.com> | 2022-03-18 00:34:05 +0300 |
| commit | 442e84a358d75152556b5d087e4dd6a51615330d (patch) | |
| tree | d3d767d3111f193dc6750f03b536ff398c2f1fd2 | |
| parent | c533b430f401579d16d635d0c8b3fc8f2d6e4e18 (diff) | |
2022-03-17, Version 16.14.2 'Gallium' (LTS)v16.14.2
This is a security release.
Notable changes:
Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
- Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
More details are available at https://www.openssl.org/news/secadv/20220315.txt
PR-URL: https://github.com/nodejs/node/pull/42385
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rw-r--r-- | doc/changelogs/CHANGELOG_V16.md | 20 | ||||
| -rw-r--r-- | src/node_version.h | 2 |
3 files changed, 23 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f3cfcf98cb..c514c985d05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,7 +33,8 @@ release. </tr> <tr> <td valign="top"> -<b><a href="doc/changelogs/CHANGELOG_V16.md#16.14.1">16.14.1</a></b><br/> +<b><a href="doc/changelogs/CHANGELOG_V16.md#16.14.2">16.14.2</a></b><br/> +<a href="doc/changelogs/CHANGELOG_V16.md#16.14.1">16.14.1</a><br/> <a href="doc/changelogs/CHANGELOG_V16.md#16.14.0">16.14.0</a><br/> <a href="doc/changelogs/CHANGELOG_V16.md#16.13.2">16.13.2</a><br/> <a href="doc/changelogs/CHANGELOG_V16.md#16.13.1">16.13.1</a><br/> diff --git a/doc/changelogs/CHANGELOG_V16.md b/doc/changelogs/CHANGELOG_V16.md index 6893c95fec6..2dd7c599699 100644 --- a/doc/changelogs/CHANGELOG_V16.md +++ b/doc/changelogs/CHANGELOG_V16.md @@ -9,6 +9,7 @@ </tr> <tr> <td valign="top"> +<a href="#16.14.2">16.14.2</a><br/> <a href="#16.14.1">16.14.1</a><br/> <a href="#16.14.0">16.14.0</a><br/> <a href="#16.13.2">16.13.2</a><br/> @@ -58,6 +59,25 @@ * [io.js](CHANGELOG_IOJS.md) * [Archive](CHANGELOG_ARCHIVE.md) +<a id="16.14.2"></a> + +## 2022-03-17, Version 16.14.2 'Gallium' (LTS), @richardlau + +This is a security release. + +### Notable Changes + +Update to OpenSSL 1.1.1n, which addresses the following vulnerability: + +* Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates (High)(CVE-2022-0778) + More details are available at <https://www.openssl.org/news/secadv/20220315.txt> + +### Commits + +* \[[`3924618c74`](https://github.com/nodejs/node/commit/3924618c74)] - **deps**: update archs files for OpenSSL-1.1.1 (Hassaan Pasha) [#42352](https://github.com/nodejs/node/pull/42352) +* \[[`7a6a870d58`](https://github.com/nodejs/node/commit/7a6a870d58)] - **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1n (Hassaan Pasha) [#42352](https://github.com/nodejs/node/pull/42352) +* \[[`c533b430f4`](https://github.com/nodejs/node/commit/c533b430f4)] - **test**: fix tests affected by OpenSSL update (Michael Dawson) [#42352](https://github.com/nodejs/node/pull/42352) + <a id="16.14.1"></a> ## 2022-03-15, Version 16.14.1 'Gallium' (LTS), @danielleadams diff --git a/src/node_version.h b/src/node_version.h index 83932901ee8..41081f82714 100644 --- a/src/node_version.h +++ b/src/node_version.h @@ -29,7 +29,7 @@ #define NODE_VERSION_IS_LTS 1 #define NODE_VERSION_LTS_CODENAME "Gallium" -#define NODE_VERSION_IS_RELEASE 0 +#define NODE_VERSION_IS_RELEASE 1 #ifndef NODE_STRINGIFY #define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n) |