Browse Source

blog: Add security notice to v0.8.17 post

v0.8.18-release
isaacs 12 years ago
parent
commit
6d9ee4b184
  1. 12
      doc/blog/release/v0.8.17.md

12
doc/blog/release/v0.8.17.md

@ -4,6 +4,18 @@ slug: node-v0-8-17-stable
category: release
version: 0.8.17
This release addresses a potential security vulnerability.
If you do not use TypedArrays, then you're fine (but should still
upgrade for other reasons, like better performance and npm
peerDependencies.)
If you use TypedArrays, you should upgrade to v0.8.17 as soon as
possible. If user input can affect the size parameter in a
TypedArray, an integer overflow vulnerability could allow an attacker
to write to areas of memory outside the intended buffer. Please
upgrade ASAP.
2012.01.09, Version 0.8.17 (Stable)
* npm: Upgrade to v1.2.0

Loading…
Cancel
Save