Weekly Update - Jan 29th, 2016

від Minwoo Jung (@jmwsoft),

Node.js News

The Node.js project will be releasing new versions across all of its active release lines early next week (possibly sooner, pending full impact assessment) to incorporate upstream patches from OpenSSL and some additional low-severity fixes relating to HTTP handling. Please read on for full details.

See https://nodejs.org/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016/ for more information.

OpenSSL Impact Assessment

OpenSSL versions 1.0.1r and 1.0.21 have been released, the announcement can be found here: https://mta.openssl.org/pipermail/openssl-announce/2016-January/000061.html

Our team has made an assessment of the impact of the disclosed defects and concluded that there is no urgency in releasing patched versions of Node.js in response to this release. Therefore, we will be proceeding as planned and attempt to release new versions of each of our active release lines on or after Monday the 1st of February, 11pm UTC (Monday the 1st of February, 3pm Pacific Time). Please note that this is simply an approximation of release timing. Please tune in to nodejs-sec (https://groups.google.com/forum/#!topic/nodejs-sec) where we will announce the availability of releases.

Nominations for the 2016 election

Nominations closed for the individual member representative to the Node.js Foundation Board. 12 members put their hands up with nominations:

A ballot was distributed to individual members on January 20th, with the election completed by January 30th.

To be eligible to vote, you must be signed up as an individual member of the Node.js Foundation, more information can be found here: https://nodejs.org/en/blog/community/individual-membership/

Community Updates

  • Node by Numbers 2015, "By analyzing the logs for binary and source downloads, we get to discover some interesting patterns."
  • ninetyseven, "A Front-end npm Show"

If you have spotted or written something about Node.js, do come over to our Evangelism team repo and suggest it on the Issues page, specifically the Weekly Updates issue.

Upcoming Events

Have an event about Node.js coming up? You can put your events here through the Evangelism team repo and announce it in the Issues page, specifically the Weekly Updates issue.

Вгору