Weekly Update - Nov 27th, 2015

Minwoo Jung

Node.js News — November 27th

Node v0.12.8 (LTS) is released

Node v0.12.8 (LTS) Releases

This week we have one release: Node v0.12.8 (LTS). Complete changelog from previous releases can be found on GitHub.

Notable changes

  • [7d11208f68] - build: backport tools/release.sh (Rod Vagg) #3642
  • [6fb0b92fa0] - build: backport config for new CI infrastructure (Rod Vagg) #3642
  • [83441616a5] - build: fix --without-ssl compile time error (Ben Noordhuis) #3825

CVE-2015-8027 Denial of Service Vulnerability / CVE-2015-6764 V8 Out-of-bounds Access Vulnerability

  • Security release coming on December 1 or December 2 (depending on your timezone) will resolve a denial-of-service vulnerability. Be prepared to update!
  • New releases of v0.12.x, v4.x and v5.x will be made available with appropriate fixes for CVE-2015-8027 and CVE-2015-6764 (for v4.x and v5.x only)
  • Please contact security@nodejs.org if you wish to report a vulnerability in Node.js.

See /blog/vulnerability/cve-2015-8027_cve-2015-6764/ for more information.

NodeUp

  • NodeUp 96: "A Node v5.0 Show" with Rebecca Turner, Rod Vagg, and Rich Trott".

Community Updates

If you have spotted or written something about Node.js, do come over to our Evangelism team repo and suggest it on the Issues page, specifically the Weekly Updates issue.

Upcoming Events

Have an event about Node.js coming up? You can put your events here through the Evangelism team repo and announce it in the Issues page, specifically the Weekly Updates issue.