-
Notifications
You must be signed in to change notification settings - Fork 6.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
blog: add february 2024 security release announcement (#6268)
- Loading branch information
Showing
1 changed file
with
34 additions
and
0 deletions.
There are no files selected for viewing
34 changes: 34 additions & 0 deletions
34
pages/en/blog/vulnerability/february-2024-security-releases.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
--- | ||
date: '2024-01-30:17:30:00.617Z' | ||
category: vulnerability | ||
title: Tuesday February 6 2024 Security Releases | ||
layout: blog-post.hbs | ||
author: Rafael Gonzaga | ||
--- | ||
|
||
## Summary | ||
|
||
The Node.js project will release new versions of the 18.x, 20.x and, 21.x | ||
releases lines on or shortly after, Tuesday February 6 2024 in order to address: | ||
|
||
- 4 high severity issues. | ||
- 4 medium severity issue. | ||
- 1 low severity issue. | ||
|
||
## Impact | ||
|
||
The 21.x release line of Node.js is vulnerable to 4 high severity issues, 4 medium severity issues, and 1 low severity issue. | ||
|
||
The 20.x release line of Node.js is vulnerable to 4 high severity issues, 4 medium severity issues, and 1 low severity issue. | ||
|
||
In addition, the 18.x release line of Node.js is vulnerable to 2 high severity issues, 2 medium severity issues, and 1 low severity issue. | ||
|
||
## Release timing | ||
|
||
Releases will be available on, or shortly after, Tuesday February 6 2024. | ||
|
||
## Contact and future updates | ||
|
||
The current Node.js security policy can be found at [https://nodejs.org/security/](/security/). Please follow the process outlined in <https://github.com/nodejs/node/security/policy> if you wish to report a vulnerability in Node.js. | ||
|
||
Subscribe to the low-volume announcement-only nodejs-sec mailing list at <https://groups.google.com/forum/#!forum/nodejs-sec> to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. |