Weekly Update - Feb 15th, 2016
Minwoo Jung (@jmwsoft)
Node.js News
Node v0.10.42 (LTS), Node v0.12.10 (LTS), Node v4.3.0 (LTS) and Node v5.6.0 (Current) are released.
February 2016 Security Release Summary
We had released Node.js v0.10.42 (Maintenance), v0.12.10 (LTS), v4.3.0 "Argon" (LTS) and v5.6.0 (Current) with fixes for the announced vulnerabilities and updates to OpenSSL.
Please note that our LTS "Argon" release line (/oved from v4.2.x to v4.3.x due to the sec(/ fixes enclosed. There will be no further updat(/ v4.2.x. Users are advised to upgrade to v(/ as soon as possible.
For the purpose of understanding the impact that the fixed vulnerabilities have on your Node.js deployment and the urgency of the upgrades for your circumstances we are providing details below.
See /blog/vulnerability/february-2016-security-releases/ for more information.
OpenSSL upgrade summary
Node.js v0.10.42 and v0.12.10 upgrade the bundled version of OpenSSL from 1.0.1q to 1.0.1r. Full details can be found in the OpenSSL 1.0.1 changelog.
Node.js v4.3.0 and v5.6.0 upgrade the bundled version of OpenSSL from 1.0.2e to 1.0.2f. Full details can be found in the OpenSSL 1.0.2 changelog.
Upcoming Events
- NodeConf Adventure 2016, "First batch of NodeConf Adventure tickets are up!", June 9th–12th, 2016 - Walker Creek Ranch, Marin, CA, USA
- NationJS Node Day Conference, TICKETS ARE AVAILABLE NOW, March 11, 2016 - Washington, DC
Have an event about Node.js coming up? You can put your events here through the Evangelism team repo and announce it in the Issues page, specifically the Weekly Updates issue.