-
Notifications
You must be signed in to change notification settings - Fork 6.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
105 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
| --- | ||
| date: 2018-12-03T14:13:12.403Z | ||
| version: 6.15.1 | ||
| category: release | ||
| title: Node v6.15.1 (LTS) | ||
| slug: node-v6-15-1 | ||
| layout: blog-post.hbs | ||
| author: Rod Vagg | ||
| --- | ||
|
|
||
| ### Notable Changes | ||
|
|
||
| This is a patch release to address a bad backport of the fix for "Slowloris HTTP Denial of Service" (CVE-2018-12122). Node.js 6.15.0 misapplies the headers timeout to an entire keep-alive HTTP session, resulting in prematurely disconnected sockets. | ||
|
|
||
| **Users of Node.js 6.x LTS 'Boron' should upgrade to 6.15.1 as soon as possible.** | ||
|
|
||
| ### Commits | ||
|
|
||
| * [[`5d9005c359`](https://github.com/nodejs/node/commit/5d9005c359)] - **http**: fix backport of Slowloris headers (Matteo Collina) [#24796](https://github.com/nodejs/node/pull/24796) | ||
|
|
||
| Windows 32-bit Installer: https://nodejs.org/dist/v6.15.1/node-v6.15.1-x86.msi<br> | ||
| Windows 64-bit Installer: https://nodejs.org/dist/v6.15.1/node-v6.15.1-x64.msi<br> | ||
| Windows 32-bit Binary: https://nodejs.org/dist/v6.15.1/win-x86/node.exe<br> | ||
| Windows 64-bit Binary: https://nodejs.org/dist/v6.15.1/win-x64/node.exe<br> | ||
| macOS 64-bit Installer: https://nodejs.org/dist/v6.15.1/node-v6.15.1.pkg<br> | ||
| macOS 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-darwin-x64.tar.gz<br> | ||
| Linux 32-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-x86.tar.xz<br> | ||
| Linux 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-x64.tar.xz<br> | ||
| Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-ppc64le.tar.xz<br> | ||
| Linux PPC BE 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-ppc64.tar.xz<br> | ||
| Linux s390x 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-s390x.tar.xz<br> | ||
| AIX 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-aix-ppc64.tar.gz<br> | ||
| SunOS 32-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-sunos-x86.tar.xz<br> | ||
| SunOS 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-sunos-x64.tar.xz<br> | ||
| ARMv6 32-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-armv6l.tar.xz<br> | ||
| ARMv7 32-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-armv7l.tar.xz<br> | ||
| ARMv8 64-bit Binary: https://nodejs.org/dist/v6.15.1/node-v6.15.1-linux-arm64.tar.xz<br> | ||
| Source Code: https://nodejs.org/dist/v6.15.1/node-v6.15.1.tar.gz<br> | ||
| Other release files: https://nodejs.org/dist/v6.15.1/<br> | ||
| Documentation: https://nodejs.org/docs/v6.15.1/api/ | ||
|
|
||
| <h3 id="shasums">SHASUMS</h3> | ||
|
|
||
| ``` | ||
| -----BEGIN PGP SIGNED MESSAGE----- | ||
| Hash: SHA256 | ||
| dcabcb43de205f1946f9cb415c728a5d542345117c9a61a506c587b4c7c01b52 node-v6.15.1-aix-ppc64.tar.gz | ||
| febce60c9ca2d9798483b005e287389ec643edd58a749d66bafc0d02d497061f node-v6.15.1-darwin-x64.tar.gz | ||
| 82d9f7477a72742a7aba679ecc74f4de7f6c0b6236a423f62e19be82442f4fdc node-v6.15.1-darwin-x64.tar.xz | ||
| fbf18a7e7474f4a8de2a45233d9229a558a2149a509b183d6d9a1d2753eab69b node-v6.15.1-headers.tar.gz | ||
| 929f7be7d51dd73cf75609c6e178fccb0ce7f8784dbf64c0ebfc1155f7226cd1 node-v6.15.1-headers.tar.xz | ||
| 436bbf8467418afb8d505cbaf9203dba27103020f8289975d383c3e97872428d node-v6.15.1-linux-arm64.tar.gz | ||
| 8a5d9d08af4bffee4ff2023370a050a921f14ca38d2e43b695932e1550dd0e4a node-v6.15.1-linux-arm64.tar.xz | ||
| acc3d7a994e928e027b4738469e63292dd2da8e8bf42f3a3cec9c459eab15252 node-v6.15.1-linux-armv6l.tar.gz | ||
| d32eabb3169b536fb2f83f7cda314305e23f0017eb550e5efb5314a879763d02 node-v6.15.1-linux-armv6l.tar.xz | ||
| c794d8a3f1d9ec9bbd57671a57583a3dca7f4f099d9c06b5ab7bc7c075c522bd node-v6.15.1-linux-armv7l.tar.gz | ||
| 86450c1c3679d855b578791b7702c3d805df182fa63317ab92ac427a340148f6 node-v6.15.1-linux-armv7l.tar.xz | ||
| 70d63aa325b8ee7a121fa878e5abd5fcce603ba4172d7fc0e667fe39b00ae291 node-v6.15.1-linux-ppc64le.tar.gz | ||
| 10517e871477b173e4e6f9818013b45b53fb6c39e330561b8d9b5e85e7983029 node-v6.15.1-linux-ppc64le.tar.xz | ||
| 1b0fffb2e9fff929f8f41ed29b6585e12fd230854da2196d48cc49f0579b6227 node-v6.15.1-linux-ppc64.tar.gz | ||
| 49bdca00e1f76e7fe0d7147a46382aaee0752cf9f9894180e0dc4657a862dc4e node-v6.15.1-linux-ppc64.tar.xz | ||
| a22db341ffc22101d2392eed9212a1bc05d94d11b621fecd321fe8b57b139c87 node-v6.15.1-linux-s390x.tar.gz | ||
| 9783db5be4652ec97e82e5c02b44776bc4f7405e741c9f4822590f1fdd22085d node-v6.15.1-linux-s390x.tar.xz | ||
| aa8ef47382853d7124110203c3773515cff00737f1cd7bce98bd388603141c6d node-v6.15.1-linux-x64.tar.gz | ||
| bc39a08ef41712d974c87f0a323b13d2c3f2320cf4f1683f0e6293fc7179a872 node-v6.15.1-linux-x64.tar.xz | ||
| 8790767b3f6bcd99df81d3e486482799ebeba87bc5352b5b3b7623caf51900df node-v6.15.1-linux-x86.tar.gz | ||
| 659576fd9c2de75b4ccc210a815495ed3be0aa979ce2e6f9e12a25dd3c415029 node-v6.15.1-linux-x86.tar.xz | ||
| 4e3675e929506a2ec05f232cb220995ac2c31f7e8c6e2d6b46dabffaedc51075 node-v6.15.1.pkg | ||
| 0aaeeb4514d7859425b72ceb252451fa8794126b3b6b153a63549a6ae377d147 node-v6.15.1-sunos-x64.tar.gz | ||
| c40c4478475b3f93f9e588506d40ed57e8807dae569f3f9ddc294058a0ab371a node-v6.15.1-sunos-x64.tar.xz | ||
| 6ae54f400b126ff535c31d1a7f8d795344977e83e334cdfe610c85bad85a88cc node-v6.15.1-sunos-x86.tar.gz | ||
| 63a962748304edcbfbe345db1f1f51cc420517e904c74e3e578c2319a614e520 node-v6.15.1-sunos-x86.tar.xz | ||
| 3e08c82c95ab32f476199369e894b48d70cbaaaa12c1b67f60584c618a6eb0ca node-v6.15.1.tar.gz | ||
| c3bde58a904b5000a88fbad3de630d432693bc6d9d6fec60a5a19e68498129c2 node-v6.15.1.tar.xz | ||
| 75469afe2bf47868844d84196567180d19e54574787e1cda328227240b8b1b26 node-v6.15.1-win-x64.7z | ||
| be2e51d8d62f41be97e8c64011d1e3f32394e2d45b044f49eeb17b11ec77c7e6 node-v6.15.1-win-x64.zip | ||
| 7acbcea9501df79c8261c2dd9bbb1e452cf98560ccebb178da9bc9b92257b13b node-v6.15.1-win-x86.7z | ||
| 90f17b524ffe6da2369b90fd507dea9bbad3f7608e8adc1a205de025fb6d3df9 node-v6.15.1-win-x86.zip | ||
| 9fda93a5ad0fc2b5ef8bddcae697365b4ffce6a366814d4adf22ed813f189d8d node-v6.15.1-x64.msi | ||
| 7c085e59ebdd8fc9a2090b3c68765acc2314e8fce347f468f67e70420e238a3a node-v6.15.1-x86.msi | ||
| b8ee12c5a87b26a11f9aa31ba84905912ebcf21768eeba97a0471d08fc504296 win-x64/node.exe | ||
| d806ff42433597ddafb2092cc7d003cf2171630ef2eaf150afdbebe390774542 win-x64/node.lib | ||
| db2bbc5b26e945acd4e54e6843c2ff6445000d3c62dd702b094ee0ca3f3ea474 win-x64/node_pdb.7z | ||
| 15ce2d8f1232c84c8975d7ee56c676097cb39cb6c2a8f4ea0e2ba400b57e6484 win-x64/node_pdb.zip | ||
| 76b680db25993dd707911c4772630c38ad997579d9b024fb857c60be5b70d43a win-x86/node.exe | ||
| 4d2ddebf5511cde7f001e9e8312d0a71ec21bc00697990cea44c9fdb3a1488ab win-x86/node.lib | ||
| d789353a2e91b4a8ea831388e4f73044bedc2a78d842e7bece22f6d3801b5137 win-x86/node_pdb.7z | ||
| c651483ba0451e470f7e66f6d6a0a0ed6dc249cf176cfa88c5afe6cfcf85afe5 win-x86/node_pdb.zip | ||
| -----BEGIN PGP SIGNATURE----- | ||
| iQEzBAEBCAAdFiEE3Y8jOLrnUB491ax4wnN5L32DVF0FAlwFOegACgkQwnN5L32D | ||
| VF1u3wf+JSxl7s0NQYqSZcQErXzOcyOR3Ox8T81DM9MjnT2YIths8I8tMIutmc8D | ||
| yuMjkib0A5+lZkNRswMQAGZI58q6vwycUIxgbLJcAsNzbSHf3aGHx5wVeC8wxwUM | ||
| FQU+5G8Qt7DAFyI2K3h9D0iKie8/xgbYRrU9YvIj3U+9GOwoyHFYlAsgfiI8UJSh | ||
| klXxrYlRUhuyOj6yOLTMm60ANT2NOF5EbgyLVHFvMGEMROX785N6oC9qoYbuPX5V | ||
| Q4y9ZBtMMWu+1wkhQkrm+V0QdPT+VRpgxpc6a1PzCBI/3zocIRpc4m/GLupTbI+M | ||
| lP0m7nBWyRiOjV2O12mze/gIRbVfMA== | ||
| =n+/G | ||
| -----END PGP SIGNATURE----- | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -24,6 +24,8 @@ Downloads are available for the following versions. Details of code changes can | |
| * [Node.js 8.14.0 (LTS "Carbon")](https://nodejs.org/en/blog/release/v8.14.0) | ||
| * [Node.js 6.15.0 (LTS "Boron")](https://nodejs.org/en/blog/release/v6.15.0) | ||
|
|
||
| ***Note (3-December-2018):*** _Node.js [6.15.1 (LTS "Boron")](/en/blog/release/v6.15.1) was released to fix a misapplied backport for one of the fixes listed below. See the [release page](/en/blog/release/v6.15.1) for more information._ | ||
|
|
||
| ## Debugger port 5858 listens on any interface by default (CVE-2018-12120) | ||
|
|
||
| _Categorization: Unprotected Primary Channel ([CWE-419](https://cwe.mitre.org/data/definitions/419.html))_ | ||
|
|
@@ -184,4 +186,4 @@ The current Node.js security policy can be found at https://nodejs.org/en/securi | |
|
|
||
| Please contact [email protected] if you wish to report a vulnerability in Node.js. | ||
|
|
||
| Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the [nodejs GitHub organization](https://github.com/nodejs/). | ||
| Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the [nodejs GitHub organization](https://github.com/nodejs/). | ||