Skip to content
This repository has been archived by the owner on Oct 16, 2021. It is now read-only.

Commit

Permalink
2016-03-31 Version 0.12.13 (LTS) Release
Browse files Browse the repository at this point in the history
Notable changes:

* npm: Upgrade to v2.15.1. Fixes a security flaw in the use of
  authentication tokens in HTTP requests that would allow an attacker
  to set up a server that could collect tokens from users of the
  command-line interface. Authentication tokens have previously been
  sent with every request made by the CLI for logged-in users,
  regardless of the destination of the request. This update fixes this
  by only including those tokens for requests made against the
  registry or registries used for the current install.
  (Forrest L Norvell) nodejs/node#5967
* openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they
  are obsolete and not considered safe. This release of Node.js turns
  on `OPENSSL_NO_WEAK_SSL_CIPHERS` to fully disable the 27 ciphers
  included in these lists which can be used in SSLv3 and higher. Full
  details can be found in our LTS discussion on the matter
  (nodejs/Release#85).
  (Shigeki Ohtsu) nodejs/node#5712

PR-URL: nodejs/node#5967
  • Loading branch information
rvagg authored and jBarz committed Nov 4, 2016
1 parent c4df789 commit bbf0d93
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 1 deletion.
16 changes: 16 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
2016-03-31, Version 0.12.13 (LTS), @rvagg

Notable changes:

* npm: Upgrade to v2.15.1. (Forrest L Norvell)
* openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they are obsolete and not considered safe. This release of Node.js turns on `OPENSSL_NO_WEAK_SSL_CIPHERS` to fully disable the 27 ciphers included in these lists which can be used in SSLv3 and higher. Full details can be found in our LTS discussion on the matter (https://github.com/nodejs/LTS/issues/85). (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712

Commits:

* [2ce29165a1] - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell)
* [a115779026] - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
* [ab907eb5a8] - test: skip cluster-disconnect-race on Windows (Gibson Fahnestock) https://github.com/nodejs/node/pull/5621
* [9c06db7444] - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
* [154098a3dc] - test: bp fix for test-http-get-pipeline-problem.js (Michael Dawson) https://github.com/nodejs/node/pull/3013
* [ff2bed6e86] - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627

2016-03-08, Version 0.12.12 (LTS), @rvagg

Notable changes:
Expand Down
2 changes: 1 addition & 1 deletion src/node_version.h
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
#define NODE_MINOR_VERSION 12
#define NODE_PATCH_VERSION 13

#define NODE_VERSION_IS_RELEASE 0
#define NODE_VERSION_IS_RELEASE 1

#ifndef NODE_STRINGIFY
#define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n)
Expand Down

0 comments on commit bbf0d93

Please sign in to comment.