diff options
| author | Rod Vagg <rod@vagg.org> | 2016-03-31 13:13:10 +0300 |
|---|---|---|
| committer | Rod Vagg <rod@vagg.org> | 2016-04-01 02:26:45 +0300 |
| commit | 5f4849ac2af13ef3288bcf64c8d9f1fe8f5dba87 (patch) | |
| tree | ee89cfb3a1cedd2971f6bab807a99f3b3ff3d10e | |
| parent | 4041ea6bc55281ea58569ad10f26a79dc73460d7 (diff) | |
2016-03-31 Version 0.12.13 (LTS) Releasev0.12.13
Notable changes:
* npm: Upgrade to v2.15.1. Fixes a security flaw in the use of
authentication tokens in HTTP requests that would allow an attacker
to set up a server that could collect tokens from users of the
command-line interface. Authentication tokens have previously been
sent with every request made by the CLI for logged-in users,
regardless of the destination of the request. This update fixes this
by only including those tokens for requests made against the
registry or registries used for the current install.
(Forrest L Norvell) https://github.com/nodejs/node/pull/5967
* openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they
are obsolete and not considered safe. This release of Node.js turns
on `OPENSSL_NO_WEAK_SSL_CIPHERS` to fully disable the 27 ciphers
included in these lists which can be used in SSLv3 and higher. Full
details can be found in our LTS discussion on the matter
(https://github.com/nodejs/LTS/issues/85).
(Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
PR-URL: https://github.com/nodejs/node/pull/5967
| -rw-r--r-- | ChangeLog | 16 | ||||
| -rw-r--r-- | src/node_version.h | 2 |
2 files changed, 17 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog index 22a4a774e48..58aac5ea7b4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,19 @@ +2016-03-31, Version 0.12.13 (LTS), @rvagg + +Notable changes: + +* npm: Upgrade to v2.15.1. (Forrest L Norvell) +* openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they are obsolete and not considered safe. This release of Node.js turns on `OPENSSL_NO_WEAK_SSL_CIPHERS` to fully disable the 27 ciphers included in these lists which can be used in SSLv3 and higher. Full details can be found in our LTS discussion on the matter (https://github.com/nodejs/LTS/issues/85). (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712 + +Commits: + +* [2ce29165a1] - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell) +* [a115779026] - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712 +* [ab907eb5a8] - test: skip cluster-disconnect-race on Windows (Gibson Fahnestock) https://github.com/nodejs/node/pull/5621 +* [9c06db7444] - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712 +* [154098a3dc] - test: bp fix for test-http-get-pipeline-problem.js (Michael Dawson) https://github.com/nodejs/node/pull/3013 +* [ff2bed6e86] - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627 + 2016-03-08, Version 0.12.12 (LTS), @rvagg Notable changes: diff --git a/src/node_version.h b/src/node_version.h index e1116bb072d..ed584258fb2 100644 --- a/src/node_version.h +++ b/src/node_version.h @@ -26,7 +26,7 @@ #define NODE_MINOR_VERSION 12 #define NODE_PATCH_VERSION 13 -#define NODE_VERSION_IS_RELEASE 0 +#define NODE_VERSION_IS_RELEASE 1 #ifndef NODE_STRINGIFY #define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n) |