惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Engineering at Meta
Engineering at Meta
T
Threatpost
P
Palo Alto Networks Blog
NISL@THU
NISL@THU
O
OpenAI News
Project Zero
Project Zero
G
GRAHAM CLULEY
P
Privacy International News Feed
A
Arctic Wolf
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
M
MIT News - Artificial intelligence
T
Threat Research - Cisco Blogs
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
B
Blog RSS Feed
D
Docker
aimingoo的专栏
aimingoo的专栏
博客园 - 【当耐特】
N
Netflix TechBlog - Medium
云风的 BLOG
云风的 BLOG
雷峰网
雷峰网
W
WeLiveSecurity
P
Proofpoint News Feed
腾讯CDC
Cloudbric
Cloudbric
S
Secure Thoughts
C
Check Point Blog
博客园 - Franky
T
The Exploit Database - CXSecurity.com
T
Troy Hunt's Blog
GbyAI
GbyAI
Security Archives - TechRepublic
Security Archives - TechRepublic
Application and Cybersecurity Blog
Application and Cybersecurity Blog
月光博客
月光博客
C
Cyber Attacks, Cyber Crime and Cyber Security
I
Intezer
TaoSecurity Blog
TaoSecurity Blog
L
Lohrmann on Cybersecurity
V
Visual Studio Blog
F
Fortinet All Blogs
博客园 - 叶小钗
C
CXSECURITY Database RSS Feed - CXSecurity.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Recorded Future
Recorded Future
C
Cisco Blogs
博客园 - 司徒正美
Stack Overflow Blog
Stack Overflow Blog
Y
Y Combinator Blog
Apple Machine Learning Research
Apple Machine Learning Research

Node.js Blog

Node.js — Security Bug Bounty Program Paused Due to Loss of Funding Node.js — Node.js 25.9.0 (Current) Node.js — Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8 Node.js — Node.js 25.8.2 (Current) Node.js — Node.js 24.14.1 (LTS) Node.js — Node.js 22.22.2 (LTS) Node.js — Node.js 20.20.2 (LTS) Node.js — Tuesday, March 24, 2026 Security Releases Node.js — Node.js 25.8.1 (Current) Node.js — Evolving the Node.js Release Schedule Node.js — Node.js 22.22.1 (LTS) Node.js — Node.js 20.20.1 (LTS) Node.js — Node.js 25.8.0 (Current) Node.js — Node.js 25.7.0 (Current) Node.js — Node.js 24.14.0 (LTS) Node.js — New HackerOne Signal Requirement for Vulnerability Reports Node.js — Node.js 25.6.1 (Current) Node.js — Node.js 24.13.1 (LTS) Node.js — Node.js 25.6.0 (Current) Node.js — OpenSSL Security Advisory Assessment, January 2026 Node.js — Node.js 25.5.0 (Current) Node.js — Chalk to Node.js util styleText Node.js — Node.js 25.4.0 (Current) Node.js — Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Node.js — Node.js 22.22.0 (LTS) Node.js — Node.js 25.3.0 (Current) Node.js — Node.js 24.13.0 (LTS) Node.js — Node.js 20.20.0 (LTS) Node.js — Tuesday, January 13, 2026 Security Releases Node.js — Node.js 24.12.0 (LTS) Node.js — Node.js 20.19.6 (LTS) Node.js — Node.js 25.2.1 (Current) Node.js — Node.js 24.11.1 (LTS) Node.js — Node.js 25.2.0 (Current) Node.js — Node.js 25.1.0 (Current) Node.js — Node.js 22.21.1 (LTS) Node.js — Node.js 24.11.0 (LTS) Node.js — Node.js v22 to v24 Node.js — Node.js v20 to v22 Node.js — Node.js v14 to v16 Node.js — Node.js v12 to v14 Node.js — Node.js 22.21.0 (LTS) Node.js — Node.js 25.0.0 (Current) Node.js — Node.js 24.10.0 (Current) Node.js — Node.js 24.9.0 (Current) Node.js — Node.js 22.20.0 (LTS) Node.js — Node.js 24.8.0 (Current) Node.js — Node.js 20.19.5 (LTS) Node.js — Node.js 22.19.0 (LTS) Node.js — Node.js 24.7.0 (Current) Node.js — Node.js 24.6.0 (Current) Node.js — Node.js 22.18.0 (LTS) Node.js — Node.js 24.5.0 (Current) Node.js — Node.js 20.19.4 (LTS) Node.js — Node.js 22.17.1 (LTS) Node.js — Node.js 24.4.1 (Current) Node.js — Tuesday, July 15, 2025 Security Releases Node.js — Node.js 24.4.0 (Current) Node.js — Node.js LGBTQIA+ Stories: Emelia Smith Node.js — Open sourced identity Node.js — Node.js 22.17.0 (LTS) Node.js — Node.js 24.3.0 (Current) Node.js — Node.js 20.19.3 (LTS) Node.js — In Memory of Mikeal Rogers: A Builder of Communities Node.js — Node.js 24.2.0 (Current) Node.js — Beware of End-of-Life Node.js Versions - Upgrade or Seek Post-EOL Support Node.js — Trip report: Node.js collaboration summit (2025 Paris) Node.js — Node.js 22.16.0 (LTS) Node.js — Node.js 24.1.0 (Current) Node.js — Node.js 24.0.2 (Current) Node.js — Node.js 23.11.1 (Current) Node.js — Node.js 22.15.1 (LTS) Node.js — Node.js 20.19.2 (LTS) Node.js — Wednesday, May 14, 2025 Security Releases Node.js — Node.js 24.0.1 (Current) Node.js — Node.js 24.0.0 (Current) Node.js — Node.js Test CI Security Incident Node.js — Node.js 22.15.0 (LTS) Node.js — Node.js 20.19.1 (LTS) Node.js — Making Node.js Downloads Reliable Node.js — Node.js 23.11.0 (Current) Node.js — Node.js 23.10.0 (Current) Node.js — Node.js 20.19.0 (LTS) Node.js — Updates on CVE for End-of-Life Versions Node.js — Node.js 23.9.0 (Current) Node.js — Node.js 18.20.7 (LTS) Node.js — Node.js 20.18.3 (LTS) Node.js — Node.js 9.3.0 (Current) Node.js — Data Confidentiality/Integrity Vulnerability, December 2017 Node.js — Node.js 9.2.1 (Current) Node.js — Node.js 8.9.3 (LTS) Node.js — Node.js 4.8.7 (Maintenance) Node.js — Node.js 8.9.2 (LTS) Node.js — Node.js 6.12.1 (LTS) Node.js — Node.js 9.2.0 (Current) Node.js — Node.js 8.9.1 (LTS) Node.js — Node.js 9.1.0 (Current) Node.js — Node.js 0.10.35 (Stable) Node.js — Node.js 0.10.34 (Stable) Node.js — Node.js 0.10.29 (Stable)
Node.js — Node.js 20.11.1 (LTS)
2024-02-14 · via Node.js Blog

Rafael Gonzaga

2024-02-14, Version 20.11.1 'Iron' (LTS), @RafaelGSS prepared by @marco-ippolito

Notable changes

This is a security release.

Notable changes

  • CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
  • CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
  • CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High)
  • CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High)
  • CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
  • CVE-2024-21891 - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
  • CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
  • CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
  • undici version 5.28.3
  • libuv version 1.48.0
  • OpenSSL version 3.0.13+quic1

Commits

Windows 32-bit Installer: https://nodejs.org/dist/v20.11.1/node-v20.11.1-x86.msi
Windows 64-bit Installer: https://nodejs.org/dist/v20.11.1/node-v20.11.1-x64.msi
Windows ARM 64-bit Installer: https://nodejs.org/dist/v20.11.1/node-v20.11.1-arm64.msi
Windows 32-bit Binary: https://nodejs.org/dist/v20.11.1/win-x86/node.exe
Windows 64-bit Binary: https://nodejs.org/dist/v20.11.1/win-x64/node.exe
Windows ARM 64-bit Binary: https://nodejs.org/dist/v20.11.1/win-arm64/node.exe
macOS 64-bit Installer: https://nodejs.org/dist/v20.11.1/node-v20.11.1.pkg
macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-darwin-arm64.tar.gz
macOS Intel 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-darwin-x64.tar.gz
Linux 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-linux-x64.tar.xz
Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-linux-ppc64le.tar.xz
Linux s390x 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-linux-s390x.tar.xz
AIX 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-aix-ppc64.tar.gz
ARMv7 32-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-linux-armv7l.tar.xz
ARMv8 64-bit Binary: https://nodejs.org/dist/v20.11.1/node-v20.11.1-linux-arm64.tar.xz
Source Code: https://nodejs.org/dist/v20.11.1/node-v20.11.1.tar.gz
Other release files: https://nodejs.org/dist/v20.11.1/
Documentation: https://nodejs.org/docs/v20.11.1/api/

SHASUMS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

43a881788549e1b3425eb5f2b92608f438f146e08213de09c5bd5ff841cae7ae  node-v20.11.1-aix-ppc64.tar.gz
3f8e77b775372c0b27d2b85ce899d80339691f480e64dde43d4eb01504a58679  node-v20.11.1-arm64.msi
e0065c61f340e85106a99c4b54746c5cee09d59b08c5712f67f99e92aa44995d  node-v20.11.1-darwin-arm64.tar.gz
fd771bf3881733bfc0622128918ae6baf2ed1178146538a53c30ac2f7006af5b  node-v20.11.1-darwin-arm64.tar.xz
c52e7fb0709dbe63a4cbe08ac8af3479188692937a7bd8e776e0eedfa33bb848  node-v20.11.1-darwin-x64.tar.gz
ed69f1f300beb75fb4cad45d96aacd141c3ddca03b6d77c76b42cb258202363d  node-v20.11.1-darwin-x64.tar.xz
0aa42c91b441e945ff43bd3a837759c58b436de57dcd033d02e5cbcd2fba1f87  node-v20.11.1-headers.tar.gz
edce238817acf5adce3123366b55304aff2a1f0849231d1b49f42370e454b6f8  node-v20.11.1-headers.tar.xz
e34ab2fc2726b4abd896bcbff0250e9b2da737cbd9d24267518a802ed0606f3b  node-v20.11.1-linux-arm64.tar.gz
c957f29eb4e341903520caf362534f0acd1db7be79c502ae8e283994eed07fe1  node-v20.11.1-linux-arm64.tar.xz
e42791f76ece283c7a4b97fbf716da72c5128c54a9779f10f03ae74a4bcfb8f6  node-v20.11.1-linux-armv7l.tar.gz
28e0120d2d150a8f41717899d33167b8b32053778665583d49ff971bfd188d1b  node-v20.11.1-linux-armv7l.tar.xz
9823305ac3a66925a9b61d8032f6bbb4c3e33c28e7f957ebb27e49732feffb23  node-v20.11.1-linux-ppc64le.tar.gz
51343cacf5cdf5c4b5e93e919d19dd373d6ef43d5f2c666eae299f26e31d08b5  node-v20.11.1-linux-ppc64le.tar.xz
4c66b2f247fdd8720853321526d7cda483018fcb32014b75c30f3a54ecacaea7  node-v20.11.1-linux-s390x.tar.gz
b32616b705cd0ddbb230b95c693e3d7a37becc2ced9bcadea8dc824cceed6be0  node-v20.11.1-linux-s390x.tar.xz
bf3a779bef19452da90fb88358ec2c57e0d2f882839b20dc6afc297b6aafc0d7  node-v20.11.1-linux-x64.tar.gz
d8dab549b09672b03356aa2257699f3de3b58c96e74eb26a8b495fbdc9cf6fbe  node-v20.11.1-linux-x64.tar.xz
f1cd449fcbeb1b948e8498cb8edd9655fa319d109a7f4c5bd96a9b122b91538a  node-v20.11.1-win-arm64.7z
e85461ec124956a2853c4ee6e13c4f4889d63c88beb3d530c1ee0c4b51dc10e7  node-v20.11.1-win-arm64.zip
fb9b5348259988a562a48eed7349e7e716c0bec78d98ad0a336b2993a8b3bf34  node-v20.11.1-win-x64.7z
bc032628d77d206ffa7f133518a6225a9c5d6d9210ead30d67e294ff37044bda  node-v20.11.1-win-x64.zip
c2b1863d8979546804a39fc63d0a9bc9c6e49cb2f6c9d1e52844a24629b24765  node-v20.11.1-win-x86.7z
b98e95f78416d1359b647cfa09ba2a48b76d41b56a776df822bf36ffe8e76a2d  node-v20.11.1-win-x86.zip
c54f5f7e2416e826fd84e878f28e3b53363ae9c3f60a140af4434b2453b5ae89  node-v20.11.1-x64.msi
63e2aed4dabb96eed6903a3974e006d3c29c218472aac60ae3c3c7de00df13b1  node-v20.11.1-x86.msi
c46019a095a1549d000e85da13f17972a448e0be5854a51786ecccde7278a012  node-v20.11.1.pkg
4af1ba6ea848cc05908b8a62b02fb27684dd52b2a7988ee82b0cfa72deb90b94  node-v20.11.1.tar.gz
77813edbf3f7f16d2d35d3353443dee4e61d5ee84d9e3138c7538a3c0ca5209e  node-v20.11.1.tar.xz
a5a9d30a8f7d56e00ccb27c1a7d24c8d0bc96a2689ebba8eb7527698793496f1  win-arm64/node.exe
93529170cebe57c0f4830a4cc6a261b6cc9bcf0cd8b3e88ac4995a5015031d79  win-arm64/node.lib
c14c6e927406b8683cbfb8a67ca4c8fd5093ca7812b5b1627e3d6a53d3674565  win-arm64/node_pdb.7z
68034cd09d8dfaa755d1b280da13e20388cc486ac57b037b3e11dfe2d6b74284  win-arm64/node_pdb.zip
bc585910690318aaebe3c57669cb83ca9d1e5791efd63195e238f54686e6c2ec  win-x64/node.exe
53a982d490cb9fcc4b231a8b95147de423b36186bc6f4ba5697b20117fdcbd5d  win-x64/node.lib
ccac9f2f5219ed858aeddb306d6493478ba9675c7cbf009e83742437d6752c4f  win-x64/node_pdb.7z
bec5da4035c84580843978a59ef9bcc1c0eaca881cf9e1c94e63a1862cf14421  win-x64/node_pdb.zip
3829137e062b1e2eb9947ef05e4b717ae578a8fce1c5c60fe4f6ae7ef2ec0240  win-x86/node.exe
c5321bb65dcecb3989f9b8f6ec56369c16627ca4bade0c78afb6b88f7dde50e4  win-x86/node.lib
20ca60ced1fc21f15ea952b4406aec6bde39d20eab11cf042040628841b2249e  win-x86/node_pdb.7z
bef05cebedce5949ae35e87e7d4789c16fa73caf478483fcf92e5dbb9ba5d774  win-x86/node_pdb.zip
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEiQwI24V5Fi/uDfnbi+q0389VXvQFAmXM+TcACgkQi+q0389V
XvQl3AwAqqm2uBMDzd+BlR1sG7y/eUtUYPVdwmCh0DeFXPHxuaIbFf0PGMEgcV8u
kn3OBF4pnSCPZNbJYJsLO1S+b/5Vk+Vlkq1WkOxqQHUHmM9GcJUuShadl0YaDNen
WXXMoYKWqMRJ6fQ3tRRh+vbMSXtsLqXT8TMVJq+Qb7a7yj4QRjw/Dd+8uKGGIhBY
U04HWsz33RJLu6AUnhF03eO1N8E1V48JptklDx5ZkY8GYa3F6jQsFld+jhmkZ9tg
4q9NDNijVpj56UsUhLAYD0J9IKS18tvQxNrKmBGUSZjFOByVhbUdLXnSMtW1i1U9
cYhP6Q5wg/fnjqCfQ90TauoJZOblKIL/PHlf6cQGPrrRa1bz3xGyCAIve5KFhLxf
Vfj1ctk2ktzmuNhjAu5G/1VALQUNpiTm4Yz433JpoMMZ3mTHN+fuALOX4TQbdLRz
HKphTz02436348XC9bNz2cvjm74cy9fqwjQ/y84AmxiTJMFPg0XqICg4tu9rd49d
8FJc4TLZ
=r/CD
-----END PGP SIGNATURE-----