Node.js 預定在十月 24 號發表安全性更新

在「DOS security vulnerability, October 2017」這邊先發佈了日期與影響範圍,細節預定在 10/24 發表:

The Node.js project will be releasing new versions of 4.x, 6.x, and 8.x the week of the 24th of October to incorporate a security fix.

Versions 4.8.2 and later of Node.js are vulnerable.
Versions 6.10.2 and later of Node.js are vulnerable.
Versions 8.x of Node.js are vulnerable.

有心人應該可以去翻 4.8.2 改了什麼 (或是 6.10.2),不知道是不是跟前陣子的「V8 對 Hash Flooding 的防禦措施」有關...

One thought on “Node.js 預定在十月 24 號發表安全性更新”

Leave a Reply

Your email address will not be published. Required fields are marked *