惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
GbyAI
GbyAI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 三生石上(FineUI控件)
美团技术团队
Last Week in AI
Last Week in AI
WordPress大学
WordPress大学
L
LangChain Blog
雷峰网
雷峰网
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 叶小钗
Engineering at Meta
Engineering at Meta
腾讯CDC
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
有赞技术团队
有赞技术团队
Blog — PlanetScale
Blog — PlanetScale
博客园 - Franky
博客园 - 司徒正美
The Cloudflare Blog
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
C
Check Point Blog
小众软件
小众软件
V
Visual Studio Blog
V
V2EX
F
Full Disclosure
J
Java Code Geeks
MongoDB | Blog
MongoDB | Blog
罗磊的独立博客
人人都是产品经理
人人都是产品经理
量子位
Apple Machine Learning Research
Apple Machine Learning Research
F
Fortinet All Blogs
Microsoft Security Blog
Microsoft Security Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 【当耐特】
博客园_首页
Y
Y Combinator Blog
N
Netflix TechBlog - Medium
酷 壳 – CoolShell
酷 壳 – CoolShell
Stack Overflow Blog
Stack Overflow Blog
Recorded Future
Recorded Future
G
Google Developers Blog
Vercel News
Vercel News
大猫的无限游戏
大猫的无限游戏
Microsoft Azure Blog
Microsoft Azure Blog
U
Unit 42
爱范儿
爱范儿
Jina AI
Jina AI

Node.js Blog

Node.js — Security Bug Bounty Program Paused Due to Loss of Funding Node.js — Node.js 25.9.0 (Current) Node.js — Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8 Node.js — Node.js 25.8.2 (Current) Node.js — Node.js 24.14.1 (LTS) Node.js — Node.js 22.22.2 (LTS) Node.js — Node.js 20.20.2 (LTS) Node.js — Tuesday, March 24, 2026 Security Releases Node.js — Node.js 25.8.1 (Current) Node.js — Evolving the Node.js Release Schedule Node.js — Node.js 22.22.1 (LTS) Node.js — Node.js 20.20.1 (LTS) Node.js — Node.js 25.8.0 (Current) Node.js — Node.js 25.7.0 (Current) Node.js — Node.js 24.14.0 (LTS) Node.js — New HackerOne Signal Requirement for Vulnerability Reports Node.js — Node.js 25.6.1 (Current) Node.js — Node.js 24.13.1 (LTS) Node.js — Node.js 25.6.0 (Current) Node.js — OpenSSL Security Advisory Assessment, January 2026 Node.js — Node.js 25.5.0 (Current) Node.js — Chalk to Node.js util styleText Node.js — Node.js 25.4.0 (Current) Node.js — Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Node.js — Node.js 22.22.0 (LTS) Node.js — Node.js 25.3.0 (Current) Node.js — Node.js 24.13.0 (LTS) Node.js — Node.js 20.20.0 (LTS) Node.js — Tuesday, January 13, 2026 Security Releases Node.js — Node.js 24.12.0 (LTS) Node.js — Node.js 20.19.6 (LTS) Node.js — Node.js 25.2.1 (Current) Node.js — Node.js 24.11.1 (LTS) Node.js — Node.js 25.2.0 (Current) Node.js — Node.js 25.1.0 (Current) Node.js — Node.js 22.21.1 (LTS) Node.js — Node.js 24.11.0 (LTS) Node.js — Node.js v22 to v24 Node.js — Node.js v20 to v22 Node.js — Node.js v14 to v16 Node.js — Node.js v12 to v14 Node.js — Node.js 22.21.0 (LTS) Node.js — Node.js 25.0.0 (Current) Node.js — Node.js 24.10.0 (Current) Node.js — Node.js 24.9.0 (Current) Node.js — Node.js 22.20.0 (LTS) Node.js — Node.js 24.8.0 (Current) Node.js — Node.js 20.19.5 (LTS) Node.js — Node.js 22.19.0 (LTS) Node.js — Node.js 24.7.0 (Current) Node.js — Node.js 24.6.0 (Current) Node.js — Node.js 22.18.0 (LTS) Node.js — Node.js 24.5.0 (Current) Node.js — Node.js 20.19.4 (LTS) Node.js — Node.js 22.17.1 (LTS) Node.js — Node.js 24.4.1 (Current) Node.js — Tuesday, July 15, 2025 Security Releases Node.js — Node.js 24.4.0 (Current) Node.js — Node.js LGBTQIA+ Stories: Emelia Smith Node.js — Open sourced identity Node.js — Node.js 22.17.0 (LTS) Node.js — Node.js 24.3.0 (Current) Node.js — Node.js 20.19.3 (LTS) Node.js — In Memory of Mikeal Rogers: A Builder of Communities Node.js — Node.js 24.2.0 (Current) Node.js — Beware of End-of-Life Node.js Versions - Upgrade or Seek Post-EOL Support Node.js — Trip report: Node.js collaboration summit (2025 Paris) Node.js — Node.js 22.16.0 (LTS) Node.js — Node.js 24.1.0 (Current) Node.js — Node.js 24.0.2 (Current) Node.js — Node.js 23.11.1 (Current) Node.js — Node.js 22.15.1 (LTS) Node.js — Node.js 20.19.2 (LTS) Node.js — Wednesday, May 14, 2025 Security Releases Node.js — Node.js 24.0.1 (Current) Node.js — Node.js 24.0.0 (Current) Node.js — Node.js Test CI Security Incident Node.js — Node.js 22.15.0 (LTS) Node.js — Node.js 20.19.1 (LTS) Node.js — Making Node.js Downloads Reliable Node.js — Node.js 23.11.0 (Current) Node.js — Node.js 23.10.0 (Current) Node.js — Node.js 20.19.0 (LTS) Node.js — Updates on CVE for End-of-Life Versions Node.js — Node.js 23.9.0 (Current) Node.js — Node.js 18.20.7 (LTS) Node.js — Node.js 20.18.3 (LTS) Node.js — Node.js 9.3.0 (Current) Node.js — Data Confidentiality/Integrity Vulnerability, December 2017 Node.js — Node.js 9.2.1 (Current) Node.js — Node.js 8.9.3 (LTS) Node.js — Node.js 4.8.7 (Maintenance) Node.js — Node.js 8.9.2 (LTS) Node.js — Node.js 6.12.1 (LTS) Node.js — Node.js 9.2.0 (Current) Node.js — Node.js 8.9.1 (LTS) Node.js — Node.js 9.1.0 (Current) Node.js — Node.js 0.10.35 (Stable) Node.js — Node.js 0.10.34 (Stable) Node.js — Node.js 0.10.29 (Stable)
Node.js — Node.js 0.12.5 (Stable)
2015-06-22 · via Node.js Blog

The Node.js Project

With this new release, OpenSSL has been upgraded to 1.0.1o to fix several security vulnerabilities. Two of them affect Node.js directly: Logjam and CVE-2015-1788.

Regarding Logjam, OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. It means that upgrading to this release of Node.js may prevent TLS clients written in node from connecting to servers using short DH parameters.

Although it is a breaking change in a stable version, the Node.js TSC determined that this is the best path forward to ensure the security of software written with this and future stable versions of node. Should you encounter any issue with this release related to TLS clients not being able to connect to servers using short DH keys, please create an issue at https://github.com/joyent/node/issues.

As for CVE-2015-1788, before this release, TLS programs (including servers) written with Node.js are vulnerable to Denial Of Service attacks.

2015.06.22, Version 0.12.5 (Stable)

  • openssl: upgrade to 1.0.1o (Addressing multiple CVEs)

  • npm: upgrade to 2.11.2

  • uv: upgrade to 1.6.1

  • V8: avoid deadlock when profiling is active (Dmitri Melikyan)

  • install: fix source path for openssl headers (Oguz Bastemur)

  • install: make sure opensslconf.h is overwritten (Oguz Bastemur)

  • timers: fix timeout when added in timer's callback (Julien Gilli)

  • windows: broadcast WM_SETTINGCHANGE after install (Mathias Küsel)

Source Code: https://nodejs.org/dist/v0.12.5/node-v0.12.5.tar.gz

Macintosh Installer (Universal): https://nodejs.org/dist/v0.12.5/node-v0.12.5.pkg

Windows Installer: https://nodejs.org/dist/v0.12.5/node-v0.12.5-x86.msi

Windows x64 Installer: https://nodejs.org/dist/v0.12.5/x64/node-v0.12.5-x64.msi

Windows x64 Files: https://nodejs.org/dist/v0.12.5/x64/

Linux 32-bit Binary: https://nodejs.org/dist/v0.12.5/node-v0.12.5-linux-x86.tar.gz

Linux 64-bit Binary: https://nodejs.org/dist/v0.12.5/node-v0.12.5-linux-x64.tar.gz

Solaris 32-bit Binary: https://nodejs.org/dist/v0.12.5/node-v0.12.5-sunos-x86.tar.gz

Solaris 64-bit Binary: https://nodejs.org/dist/v0.12.5/node-v0.12.5-sunos-x64.tar.gz

Other release files: https://nodejs.org/dist/v0.12.5/

Website: https://nodejs.org/docs/v0.12.5/

Documentation: https://nodejs.org/docs/v0.12.5/api/

Shasums:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

a31674f017aa7bfff6d73d2d62501e78e19f2856  node-v0.12.5-darwin-x64.tar.gz
648c4da8bdb6bf0daadfa11a1f59dc5f354179f3  node-v0.12.5-darwin-x86.tar.gz
d06b46e4b9064b12c3cdb65defaf27b968262856  node-v0.12.5-linux-x64.tar.gz
2b5e20fcb362f34df5508b8334d52514701aa15f  node-v0.12.5-linux-x86.tar.gz
2dbc96c33dced5dc4632588035f92afdedaf0ff0  node-v0.12.5-sunos-x64.tar.gz
27eda0e7cd5cd748919055b22683ce0770ce1906  node-v0.12.5-sunos-x86.tar.gz
dd45f1fad6a32686afee6fc9b3353380481a9bec  node-v0.12.5-x86.msi
f5888618555f97c3d67366f11abaf097491ae6f4  node-v0.12.5.pkg
baecde8c2d297aa001a2a8ba2f2d086d970a13eb  node-v0.12.5.tar.gz
f4c8c81c60ed4ad1be2f2df93c0a99c9ba94a1e7  node.exe
2e6912adf6b1cfa3c818770bcd3c09882afcbf7c  node.exp
e88ff96166822f75d31b246358e13e814ddfc2d9  node.lib
9007edd47eeaa4d14329d879f4248ac42869676f  node.pdb
45e946f6ad94e2225c2f2c5081bd6bfa5dad3a5f  openssl-cli.exe
27ea2047ef5ccf0ebdb8b1a9c61e0c35d36c2c6c  openssl-cli.pdb
689e1dbedf5dac5b900584e878024ab3f31111a6  x64/node-v0.12.5-x64.msi
00652c22276b1e7b0b307437219efc3431446100  x64/node.exe
8888e187bfb8dc1f18f6e1284c46014bf97dbadb  x64/node.exp
c9ba1d50d1c962c169a0d47c8ab1f834ab637621  x64/node.lib
149ec0193bef26c57dc420dfe00f928bb4b7a579  x64/node.pdb
5cc07312c39b18ba27229919114b6b09724c9fb3  x64/openssl-cli.exe
590fb71ca72c876bbaad5e5ee6fe85acf406fe40  x64/openssl-cli.pdb
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJViGeDAAoJEFCjBR+IjGKN4OIP/iCxMMLAKTqlrSma5wiztO82
1ff4yE8rCs0jiGZVgTucmaI7j5fGFHJi1sbsBqqAeda3IYAEq+lL180YioHR8KlS
47cTvqeTnjIj1JhzhhRcGxs17IyK7YFJJmEQ+54XdYDB0dHDJM/UXy8ySiCxBdTf
c1Kzi6OGp7qmSAOdIo76q63AxWzKL5jVrxkBBmtyJFr6EW4xTkz98GDLaK+GeBHT
cdpcInYbtJpWNm/8XOfZqAR0tW4HZ6tYHuSxvaZh18YDd+SNsQgLCmR56pLEMkaw
frgfNje37r6jjx1f1GkpbdQHSVjFUZiiwTyKP7eTDMrjttRuYZk+VUCyh/abqZZ3
dfz9Ue22z5ZJyb9L3adrYATrGKBfkhwljcAgYCaGXOokKRZis8BkZJIQUbHI/jZr
/p2hg413EWYoV+ra0a6qjci0JufNJ5Y+02K3XS+qr0lGS4WICEgtni3p0VhWkKO4
ppYgJD4QhQVyH22fi0LklMoX2VO/iyDaNUKHOOHC1QnGQy/5bIGWE4IcSTWFXIpa
hXJT/UmGe7WXup+AQ53E2jzFK2xKX5qnRBGZWjUKQE+nT4o06QNbupZfMckGc8YO
yF1TCguhR+1oglGZbLyvPfCDuD8gJcI76LhDFkoztQbAmiNZql4CbmOw+R5ebDe+
E2abSYUpsCAZCr+Edudl
=Vxgb
-----END PGP SIGNATURE-----