Node.js - v17.7.2
Security
This is a security release.
Notable Changes
Update to OpenSSL 3.0.2, which addresses the following vulnerability:
- Infinite loop in
BN_mod_sqrt()
reachable when parsing certificates (High)(CVE-2022-0778)
More details are available at https://www.openssl.org/news/secadv/20220315.txt
Commits
- [
55e293e05f
] - deps: update archs files for quictls/openssl-3.0.2+quic (Hassaan Pasha) #42356 - [
b8d090603d
] - deps: upgrade openssl sources to quictls/openssl-3.0.2+quic (Hassaan Pasha) #42356 - [
c8b6d92af0
] - test: fix tests affected by OpenSSL update (Michael Dawson) #42356 - [
457e31ea09
] - test: renew certificates for specific test (Luigi Pinca) #42342
Security
Details
date
March 18, 2022, 1:13 a.m.
name
2022-03-17, Version 17.7.2 (Current), @richardlau
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Node.js releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!