diff options
author | Richard Lau <rlau@redhat.com> | 2022-03-17 20:06:38 +0300 |
---|---|---|
committer | Richard Lau <rlau@redhat.com> | 2022-03-17 20:48:28 +0300 |
commit | db3d88267f618b8f19464d1178421e1cb1651fb5 (patch) | |
tree | e6ea88c6ed64aba80d084df1b03ede30e3102e1b | |
parent | c8b6d92af02206913d3223ce3f4700f460f40696 (diff) |
2022-03-17, Version 17.7.2 (Current)v17.7.2
This is a security release.
Notable changes:
Update to OpenSSL 3.0.2, which addresses the following vulnerability:
- Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
More details are available at https://www.openssl.org/news/secadv/20220315.txt
PR-URL: https://github.com/nodejs/node/pull/42381
-rw-r--r-- | CHANGELOG.md | 3 | ||||
-rw-r--r-- | doc/changelogs/CHANGELOG_V17.md | 21 | ||||
-rw-r--r-- | src/node_version.h | 2 |
3 files changed, 24 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index bc47e6bf3df..e916ec09c96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,7 +33,8 @@ release. </tr> <tr> <td valign="top"> -<b><a href="doc/changelogs/CHANGELOG_V17.md#17.7.1">17.7.1</a></b><br/> +<b><a href="doc/changelogs/CHANGELOG_V17.md#17.7.2">17.7.2</a></b><br/> +<a href="doc/changelogs/CHANGELOG_V17.md#17.7.1">17.7.1</a><br/> <a href="doc/changelogs/CHANGELOG_V17.md#17.7.0">17.7.0</a><br/> <a href="doc/changelogs/CHANGELOG_V17.md#17.6.0">17.6.0</a><br/> <a href="doc/changelogs/CHANGELOG_V17.md#17.5.0">17.5.0</a><br/> diff --git a/doc/changelogs/CHANGELOG_V17.md b/doc/changelogs/CHANGELOG_V17.md index 142fe3b5c35..c6b98d6ff47 100644 --- a/doc/changelogs/CHANGELOG_V17.md +++ b/doc/changelogs/CHANGELOG_V17.md @@ -8,6 +8,7 @@ </tr> <tr> <td> +<a href="#17.7.2">17.7.2</a><br/> <a href="#17.7.1">17.7.1</a><br/> <a href="#17.7.0">17.7.0</a><br/> <a href="#17.6.0">17.6.0</a><br/> @@ -42,6 +43,26 @@ * [io.js](CHANGELOG_IOJS.md) * [Archive](CHANGELOG_ARCHIVE.md) +<a id="17.7.2"></a> + +## 2022-03-17, Version 17.7.2 (Current), @richardlau + +This is a security release. + +### Notable Changes + +Update to OpenSSL 3.0.2, which addresses the following vulnerability: + +* Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates (High)(CVE-2022-0778) + More details are available at <https://www.openssl.org/news/secadv/20220315.txt> + +### Commits + +* \[[`55e293e05f`](https://github.com/nodejs/node/commit/55e293e05f)] - **deps**: update archs files for quictls/openssl-3.0.2+quic (Hassaan Pasha) [#42356](https://github.com/nodejs/node/pull/42356) +* \[[`b8d090603d`](https://github.com/nodejs/node/commit/b8d090603d)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.2+quic (Hassaan Pasha) [#42356](https://github.com/nodejs/node/pull/42356) +* \[[`c8b6d92af0`](https://github.com/nodejs/node/commit/c8b6d92af0)] - **test**: fix tests affected by OpenSSL update (Michael Dawson) [#42356](https://github.com/nodejs/node/pull/42356) +* \[[`457e31ea09`](https://github.com/nodejs/node/commit/457e31ea09)] - **test**: renew certificates for specific test (Luigi Pinca) [#42342](https://github.com/nodejs/node/pull/42342) + <a id="17.7.1"></a> ## 2022-03-10, Version 17.7.1 (Current), @BethGriggs prepared by @sxa diff --git a/src/node_version.h b/src/node_version.h index 2bb47f69d42..bddebe2eebc 100644 --- a/src/node_version.h +++ b/src/node_version.h @@ -29,7 +29,7 @@ #define NODE_VERSION_IS_LTS 0 #define NODE_VERSION_LTS_CODENAME "" -#define NODE_VERSION_IS_RELEASE 0 +#define NODE_VERSION_IS_RELEASE 1 #ifndef NODE_STRINGIFY #define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n) |