diff options
author | Rod Vagg <rod@vagg.org> | 2019-02-28 16:09:58 +1100 |
---|---|---|
committer | Rod Vagg <rod@vagg.org> | 2019-02-28 22:27:59 +1100 |
commit | f1cefdca803e1947558f8546940958518f8414b5 (patch) | |
tree | ec8db2b047a36512a890336d1b2f0377cd89a6e8 /CHANGELOG.md | |
parent | 667b31be954f3e97bdc19f1235c3625e627b3136 (diff) | |
download | node-new-f1cefdca803e1947558f8546940958518f8414b5.tar.gz |
2019-02-28, Version 11.10.1 (Current)
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
A fix for the following CVE is included in this release:
* Node.js: Slowloris HTTP Denial of Service with keep-alive
(CVE-2019-5737)
Notable Changes:
* http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
connections by consistently applying the receive timeout set by
`server.headersTimeout` to connections in keep-alive mode. Reported by
Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/163
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index fefac179c0..1bc75ae43c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,7 +28,8 @@ release. </tr> <tr> <td valign="top"> -<b><a href="doc/changelogs/CHANGELOG_V11.md#11.10.0">11.10.0</a></b><br/> +<b><a href="doc/changelogs/CHANGELOG_V11.md#11.10.1">11.10.1</a></b><br/> +<a href="doc/changelogs/CHANGELOG_V11.md#11.10.0">11.10.0</a><br/> <a href="doc/changelogs/CHANGELOG_V11.md#11.9.0">11.9.0</a><br/> <a href="doc/changelogs/CHANGELOG_V11.md#11.8.0">11.8.0</a><br/> <a href="doc/changelogs/CHANGELOG_V11.md#11.7.0">11.7.0</a><br/> |