Node v0.10.44 (Maintenance)

Rod Vagg

Rod Vagg

This is a security release, upgrading the bundled version of npm due to a credentials leak vulnerability. Further information can be found in our post: /blog/vulnerability/npm-tokens-leak-march-2016/

Please note that the version of npm included in this release does not have the correct version string. As such executing npm -v will report 2.15.0 rather than 2.15.1, which is incorrect. The source code included in this release is in fact the source for 2.15.1, including the security fix.

Notable changes:

  • npm: Upgrade to v2.15.1. Fixes a security flaw in the use of authentication tokens in HTTP requests that would allow an attacker to set up a server that could collect tokens from users of the command-line interface. Authentication tokens have previously been sent with every request made by the CLI for logged-in users, regardless of the destination of the request. This update fixes this by only including those tokens for requests made against the registry or registries used for the current install. IMPORTANT: This is a major upgrade to npm v2 LTS from the previously deprecated npm v1. (Forrest L Norvell) https://github.com/nodejs/node/pull/5967
  • openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they are obsolete and not considered safe. This release of Node.js turns on OPENSSL_NO_WEAK_SSL_CIPHERS to fully disable the 27 ciphers included in these lists which can be used in SSLv3 and higher. Full details can be found in our LTS discussion on the matter (https://github.com/nodejs/LTS/issues/85). (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712

Commits:

Windows 32-bit Installer: https://nodejs.org/dist/v0.10.44/node-v0.10.44-x86.msi
Windows 64-bit Installer: https://nodejs.org/dist/v0.10.44/x64/node-v0.10.44-x64.msi
Windows 32-bit Binary: https://nodejs.org/dist/v0.10.44/node.exe
Windows 64-bit Binary: https://nodejs.org/dist/v0.10.44/x64/node.exe
Mac OS X Universal Installer: https://nodejs.org/dist/v0.10.44/node-v0.10.44.pkg
Mac OS X 64-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-darwin-x64.tar.gz
Mac OS X 32-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-darwin-x86.tar.gz
Linux 32-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-linux-x86.tar.gz
Linux 64-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-linux-x64.tar.gz
SmartOS 32-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-sunos-x86.tar.gz
SmartOS 64-bit Binary: https://nodejs.org/dist/v0.10.44/node-v0.10.44-sunos-x64.tar.gz
Source Code: https://nodejs.org/dist/v0.10.44/node-v0.10.44.tar.gz
Other release files: https://nodejs.org/dist/v0.10.44/
Documentation: https://nodejs.org/docs/v0.10.44/api/

Shasums (GPG signing hash: SHA512, file hash: SHA256):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ad1ab74e1315828a7fd1452e565791a0544ca6c86c76ddd9275287c84ccaca74  node.exe
e9142dda53c17fb84a30438a4f4b69f8f474750d1cf32b4057edaea2309b3aec  node.exp
5b2b75d133380996a6c0433944c61d47777389bbcba9ffdd20ef0c37a28f1565  node.lib
cf46dd07a29abfadf9096d5b29878618433cc6ef5307f523ae283e7b1150e660  node.pdb
cc9916991a16395c4a561db6d091a9a1e9af13e66dddbd03d3c687d0ab3e52a9  node-v0.10.44-darwin-x64.tar.gz
d9aa4cdae49798b45818ddcd38cc8781a591e2b1c6d6c9c9599205353771d602  node-v0.10.44-darwin-x64.tar.xz
7c582b190050d268b4fa4d1a4e4b3456be1a9c224407a4ef61258af6e95f01d8  node-v0.10.44-darwin-x86.tar.gz
e1920de5cf492079a44113c5f5bf4954b73ad8ae26a79c196bb915ce31766a85  node-v0.10.44-darwin-x86.tar.xz
1f61b9a97e4a4100ad601661d3e53556fc8287c36cc56a7c9bf1617b30c5eed4  node-v0.10.44-headers.tar.gz
28192921448ec80632ec5a34aca438136b7384e35878fbf4c8486825590e67ef  node-v0.10.44-headers.tar.xz
b5f4acc54e5527d793463e05b5435f11dd1f0997168aa71d53a1ff1a06c7b144  node-v0.10.44-linux-x64.tar.gz
1c72d19eb4c505a3e6c76038b9c25fc1fee09829215f67e040e363996b160c14  node-v0.10.44-linux-x64.tar.xz
8eb2b47928f56b0a7bbbde72074af84bc8864544b75f991facc3fbf4d7ed0c99  node-v0.10.44-linux-x86.tar.gz
45c300fafc8a71c240c94ca8b43701edf5fbdaa1d80ac449b96d46922b61ce0f  node-v0.10.44-linux-x86.tar.xz
53a918e31ea61cf5106b3cfcedbe5b331cbca0f6508abbf02a77a9bbdc78aeb3  node-v0.10.44.pkg
ee2867b193b53ffab308bea6f0e4c197222903ae308b1748eceaa786402d6c15  node-v0.10.44-sunos-x64.tar.gz
3ce6599f526e1cca2fe2d736e946c34c1f830926987cabd8c22066dc5511ba99  node-v0.10.44-sunos-x64.tar.xz
0b385a3aa1f9122bca205515917a2406ab24782ecbbb886ceb5dcba93f3a9758  node-v0.10.44-sunos-x86.tar.gz
c2cd71e47ac8e2565e4c176e78f22c6ff45752dd0ddc32fa4251f4d6fa17d18a  node-v0.10.44-sunos-x86.tar.xz
4155639d71e690cafd885f58a8be3bf97a93c28875212aac991923d3ee589be8  node-v0.10.44.tar.gz
25b2cd910822723e972a3990d5687b7ff48581ad2f77aa1942d99a1b024f434a  node-v0.10.44.tar.xz
7052fecac6a3c4969d62dc655f1ae4c98bc00323e16e9a3ec4dfabd85da2e2fa  node-v0.10.44-x86.msi
977af6c6b87b2cedbbe43292eb2a9533c9bb385af0d7f4cb503d2a73266437c8  openssl-cli.exe
83e2e5209f110f77cfb1b5198312dce7714084979b31285b7718b08fd8c4e9c5  openssl-cli.pdb
e1044fc4768ea380d2a4dfd10f35ac90194333a753b7ca740a81840aa5ecfa98  x64/node.exe
a386a731e0880be60531af7ad291f9ab5cb1829d9a73247e5ee7b4fd5fc734b5  x64/node.exp
d11f6d920a9a1484248415fba80c74b2836ef66325935b0d3d4b4248a4be268a  x64/node.lib
47ee02bb149e6622dabcb2c26dcf0c32b9b8419118d6f3ea2d4d3eeca4d6229f  x64/node.pdb
b98c678fdd2a18b380f277d635f3720df4b4c967b6fa204979f1c62f418b9940  x64/node-v0.10.44-x64.msi
3fd5077d54b1f1ada05e3022c5730344b22efbd1ecd63f6db63506a48c0ebcc5  x64/openssl-cli.exe
6a08f8e77a6754938cbe5cbad656b5a39aae62e8ca54af144340bf6b372212a9  x64/openssl-cli.pdb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJW/fmNAAoJEMJzeS99g1Rd2OMH/1ao48kMN6+E+mMR+aG6hxir
AKUSHVYHqVt2WG5/9XJHCRNTnE5D+xCX9heF+PgFtZGpzoJRfwho7TTn+XlFD/4i
4UAPPfJW4mOo4rdywQ6Ry8hqJnBS3Ewyj6ABvdcBPyrJCQf7ZOhi6QEJQwx70yMA
TKWUaEQGhMmQB+zKhmfWuVjFIv+ZW7z/fOW6v/51QGF0zuOrwcboABXUFiIxsyNq
XgG1TkZhj1jZeaR7YAyk5NxMLhblz9FC5JaaqutoA1VFcPopDMOFbV3rwZKWe1yo
wqJYf6JKhenBRM+P9rRUl7wlVBSjHBW9SP+BOzL7ETQG1ebhYsCLytz+9gNtX0E=
=gzZT
-----END PGP SIGNATURE-----

Востаннє оновлено
01 квіт. 2016 р.
Час на читання
3 min read
Долучитися
Edit this page
Зміст
  1. Notable changes: