daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

blog: Add security notice to v0.8.17 post

pull/24504/head
isaacs 2013-01-09 17:21:16 -08:00
parent 1388171d96
commit 6d9ee4b184
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/blog/release/v0.8.17.md
View File

@ -4,6 +4,18 @@ slug: node-v0-8-17-stable
category: release
version: 0.8.17
This release addresses a potential security vulnerability.
If you do not use TypedArrays, then you're fine (but should still
upgrade for other reasons, like better performance and npm
peerDependencies.)
If you use TypedArrays, you should upgrade to v0.8.17 as soon as
possible. If user input can affect the size parameter in a
TypedArray, an integer overflow vulnerability could allow an attacker
to write to areas of memory outside the intended buffer. Please
upgrade ASAP.
2012.01.09, Version 0.8.17 (Stable)
* npm: Upgrade to v1.2.0