Skip to content

Commit

Permalink
doc: add OpenSSL CVE fix to notable changes in v15.5.0
Browse files Browse the repository at this point in the history 
PR-URL: #36798
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
  • Loading branch information
@BethGriggs @danielleadams
BethGriggs authored and danielleadams committed Jan 12, 2021
1 parent 6db465a commit ff39464
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions doc/changelogs/CHANGELOG_V15.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,12 @@ Vulnerabilities fixed:

### Notable Changes

#### OpenSSL-1.1.1i

OpenSSL-1.1.1i contains a fix for CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High). This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt

Contributed by Myles Borins [#36520](https://github.com/nodejs/node/pull/36520).

#### Extended support for `AbortSignal` in child_process and stream

The following APIs now support an `AbortSignal` in their options object:
Expand Down

0 comments on commit ff39464

Please sign in to comment.