惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
博客园 - 三生石上(FineUI控件)
S
Securelist
U
Unit 42
The Cloudflare Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Simon Willison's Weblog
Simon Willison's Weblog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog
T
Tenable Blog
The Hacker News
The Hacker News
The Register - Security
The Register - Security
IT之家
IT之家
博客园 - 【当耐特】
Spread Privacy
Spread Privacy
P
Privacy & Cybersecurity Law Blog
博客园_首页
T
Tailwind CSS Blog
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
T
Tor Project blog
C
CERT Recently Published Vulnerability Notes
Apple Machine Learning Research
Apple Machine Learning Research
Stack Overflow Blog
Stack Overflow Blog
T
Threat Research - Cisco Blogs
T
The Exploit Database - CXSecurity.com
V
Vulnerabilities – Threatpost
A
Arctic Wolf
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
V2EX
aimingoo的专栏
aimingoo的专栏
大猫的无限游戏
大猫的无限游戏
Scott Helme
Scott Helme
L
LINUX DO - 热门话题
Cyberwarzone
Cyberwarzone
V
Visual Studio Blog
月光博客
月光博客
爱范儿
爱范儿
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
美团技术团队
G
GRAHAM CLULEY
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
H
Heimdal Security Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Node.js Blog

Node.js — Security Bug Bounty Program Paused Due to Loss of Funding Node.js — Node.js 25.9.0 (Current) Node.js — Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8 Node.js — Node.js 25.8.2 (Current) Node.js — Node.js 24.14.1 (LTS) Node.js — Node.js 22.22.2 (LTS) Node.js — Node.js 20.20.2 (LTS) Node.js — Tuesday, March 24, 2026 Security Releases Node.js — Node.js 25.8.1 (Current) Node.js — Evolving the Node.js Release Schedule Node.js — Node.js 22.22.1 (LTS) Node.js — Node.js 20.20.1 (LTS) Node.js — Node.js 25.8.0 (Current) Node.js — Node.js 25.7.0 (Current) Node.js — Node.js 24.14.0 (LTS) Node.js — New HackerOne Signal Requirement for Vulnerability Reports Node.js — Node.js 25.6.1 (Current) Node.js — Node.js 24.13.1 (LTS) Node.js — Node.js 25.6.0 (Current) Node.js — OpenSSL Security Advisory Assessment, January 2026 Node.js — Node.js 25.5.0 (Current) Node.js — Chalk to Node.js util styleText Node.js — Node.js 25.4.0 (Current) Node.js — Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Node.js — Node.js 22.22.0 (LTS) Node.js — Node.js 25.3.0 (Current) Node.js — Node.js 24.13.0 (LTS) Node.js — Node.js 20.20.0 (LTS) Node.js — Tuesday, January 13, 2026 Security Releases Node.js — Node.js 24.12.0 (LTS) Node.js — Node.js 20.19.6 (LTS) Node.js — Node.js 25.2.1 (Current) Node.js — Node.js 24.11.1 (LTS) Node.js — Node.js 25.2.0 (Current) Node.js — Node.js 25.1.0 (Current) Node.js — Node.js 22.21.1 (LTS) Node.js — Node.js 24.11.0 (LTS) Node.js — Node.js v22 to v24 Node.js — Node.js v20 to v22 Node.js — Node.js v14 to v16 Node.js — Node.js v12 to v14 Node.js — Node.js 22.21.0 (LTS) Node.js — Node.js 25.0.0 (Current) Node.js — Node.js 24.10.0 (Current) Node.js — Node.js 24.9.0 (Current) Node.js — Node.js 22.20.0 (LTS) Node.js — Node.js 24.8.0 (Current) Node.js — Node.js 20.19.5 (LTS) Node.js — Node.js 22.19.0 (LTS) Node.js — Node.js 24.7.0 (Current) Node.js — Node.js 24.6.0 (Current) Node.js — Node.js 22.18.0 (LTS) Node.js — Node.js 24.5.0 (Current) Node.js — Node.js 20.19.4 (LTS) Node.js — Node.js 22.17.1 (LTS) Node.js — Node.js 24.4.1 (Current) Node.js — Tuesday, July 15, 2025 Security Releases Node.js — Node.js 24.4.0 (Current) Node.js — Node.js LGBTQIA+ Stories: Emelia Smith Node.js — Open sourced identity Node.js — Node.js 22.17.0 (LTS) Node.js — Node.js 24.3.0 (Current) Node.js — Node.js 20.19.3 (LTS) Node.js — In Memory of Mikeal Rogers: A Builder of Communities Node.js — Node.js 24.2.0 (Current) Node.js — Beware of End-of-Life Node.js Versions - Upgrade or Seek Post-EOL Support Node.js — Trip report: Node.js collaboration summit (2025 Paris) Node.js — Node.js 22.16.0 (LTS) Node.js — Node.js 24.1.0 (Current) Node.js — Node.js 24.0.2 (Current) Node.js — Node.js 23.11.1 (Current) Node.js — Node.js 22.15.1 (LTS) Node.js — Node.js 20.19.2 (LTS) Node.js — Wednesday, May 14, 2025 Security Releases Node.js — Node.js 24.0.1 (Current) Node.js — Node.js 24.0.0 (Current) Node.js — Node.js Test CI Security Incident Node.js — Node.js 22.15.0 (LTS) Node.js — Node.js 20.19.1 (LTS) Node.js — Making Node.js Downloads Reliable Node.js — Node.js 23.11.0 (Current) Node.js — Node.js 23.10.0 (Current) Node.js — Node.js 20.19.0 (LTS) Node.js — Updates on CVE for End-of-Life Versions Node.js — Node.js 23.9.0 (Current) Node.js — Node.js 18.20.7 (LTS) Node.js — Node.js 20.18.3 (LTS) Node.js — Node.js 9.3.0 (Current) Node.js — Data Confidentiality/Integrity Vulnerability, December 2017 Node.js — Node.js 9.2.1 (Current) Node.js — Node.js 8.9.3 (LTS) Node.js — Node.js 4.8.7 (Maintenance) Node.js — Node.js 8.9.2 (LTS) Node.js — Node.js 6.12.1 (LTS) Node.js — Node.js 9.2.0 (Current) Node.js — Node.js 8.9.1 (LTS) Node.js — Node.js 9.1.0 (Current) Node.js — Node.js 0.10.35 (Stable) Node.js — Node.js 0.10.34 (Stable) Node.js — Node.js 0.10.29 (Stable)
Node.js — Node.js 6.7.0 (Current)
2016-09-28 · via Node.js Blog

Evan Lucas

This is an important security release. All Node.js users should consult the security release summary at for details on patched vulnerabilities.

Notable changes

Semver Minor:

  • openssl:
    • Upgrade to 1.0.2i, fixes a number of defects impacting Node.js: CVE-2016-6304 ("OCSP Status Request extension unbounded memory growth", high severity), CVE-2016-2183, CVE-2016-2178 and CVE-2016-6306. (Shigeki Ohtsu) #8714
    • Upgrade to 1.0.2j, fixes a defect included in 1.0.2i resulting in a crash when using CRLs, CVE-2016-7052. (Shigeki Ohtsu) #8786
    • Remove support for loading dynamic third-party engine modules. An attacker may be able to hide malicious code to be inserted into Node.js at runtime by masquerading as one of the dynamic engine modules. Originally reported by Ahmed Zaki (Skype). (Ben Noordhuis) nodejs/node-private#73
  • http: CVE-2016-5325 - Properly validate for allowable characters in the reason argument in ServerResponse#writeHead(). Fixes a possible response splitting attack vector. This introduces a new case where throw may occur when configuring HTTP responses, users should already be adopting try/catch here. Originally reported independently by Evan Lucas and Romain Gaucher. (Evan Lucas) nodejs/node-private#60

Semver Patch:

  • buffer: Zero-fill excess bytes in new Buffer objects created with Buffer.concat() while providing a totalLength parameter that exceeds the total length of the original Buffer objects being concatenated. (Сковорода Никита Андреевич) nodejs/node-private#64
  • src: Fix regression where passing an empty password and/or salt to crypto.pbkdf2() would cause a fatal error (Rich Trott) #8572
  • tls: CVE-2016-7099 - Fix invalid wildcard certificate validation check whereby a TLS server may be able to serve an invalid wildcard certificate for its hostname due to improper validation of *. in the wildcard string. Originally reported by Alexander Minozhenko and James Bunton (Atlassian). (Ben Noordhuis) nodejs/node-private#75
  • v8: Fix regression where a regex on a frozen object was broken (Myles Borins) #8673

Commits

Windows 32-bit Installer: https://nodejs.org/dist/v6.7.0/node-v6.7.0-x86.msi
Windows 64-bit Installer: https://nodejs.org/dist/v6.7.0/node-v6.7.0-x64.msi
Windows 32-bit Binary: https://nodejs.org/dist/v6.7.0/win-x86/node.exe
Windows 64-bit Binary: https://nodejs.org/dist/v6.7.0/win-x64/node.exe
Mac OS X 64-bit Installer: https://nodejs.org/dist/v6.7.0/node-v6.7.0.pkg
Mac OS X 64-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-darwin-x64.tar.gz
Linux 32-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-x86.tar.xz
Linux 64-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-x64.tar.xz
Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-ppc64le.tar.xz
SmartOS 32-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-sunos-x86.tar.xz
SmartOS 64-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-sunos-x64.tar.xz
ARMv6 32-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-armv6l.tar.xz
ARMv7 32-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-armv7l.tar.xz
ARMv8 64-bit Binary: https://nodejs.org/dist/v6.7.0/node-v6.7.0-linux-arm64.tar.xz
Source Code: https://nodejs.org/dist/v6.7.0/node-v6.7.0.tar.gz
Other release files: https://nodejs.org/dist/v6.7.0/
Documentation: https://nodejs.org/docs/v6.7.0/api/

Shasums (GPG signing hash: SHA512, file hash: SHA256):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

69fab7a1ebeee54d5e3160eb9366e88a61500731fad86dee98c79c4a14b56bc6  node-v6.7.0-darwin-x64.tar.gz
b10270f028be73771fa8536f0c69b33f30e1bb1fd15d9a493a7365cde56af0d2  node-v6.7.0-darwin-x64.tar.xz
42f0fdcd937409842d76a5852782acfdb0b6fa8e3520df6694f2abaa7c9e942c  node-v6.7.0-headers.tar.gz
f6ddea52f8b13bcece38c965d13f6073bd7980dadcfd903b8c1872f6d8bbacb7  node-v6.7.0-headers.tar.xz
45ffd727bcab41a544ad7862fe985f6beac4fcd96c63e116ca467d1147ba6454  node-v6.7.0-linux-arm64.tar.gz
87f59a19d9a44ff938a553425c5c82a46be1f0cd43bf7c256e1c4fb61833a82a  node-v6.7.0-linux-arm64.tar.xz
0f8e0dbaa6bcccd22db75077fed1afb28c2b225b6cdc185913178ae395a68ef9  node-v6.7.0-linux-armv6l.tar.gz
bf07229d718ebe3a8d8bc59cbf06d945b89045285e44f36f516c8e0f65a5302b  node-v6.7.0-linux-armv6l.tar.xz
1e7e138ba8c54d7a0fbf5e3f188442a14a70409dc154b74b17635bcff74e4a81  node-v6.7.0-linux-armv7l.tar.gz
18b6d9df3e2aaba2d72e1f4c3cfdd3b963c23faa64d3ad72d5690959bc3dde08  node-v6.7.0-linux-armv7l.tar.xz
87f7dd1776bffd569d4f619dde99caca215c073f7d26853e16d6f93fcf681113  node-v6.7.0-linux-ppc64le.tar.gz
fc1b70f866a1c1972c55cc5d2a506f0dcc623e749d6cbe470d650c7c631f231e  node-v6.7.0-linux-ppc64le.tar.xz
e8ce540b592d337304a10f4eb19bb4efee889c6676c5f188d072bfb2a8089927  node-v6.7.0-linux-ppc64.tar.gz
6ee874b6567f7f06708f6ccb66a27dc7317b4c493b7a6c3bb49c1e53c4bdf31e  node-v6.7.0-linux-ppc64.tar.xz
e0f2616b4beb4c2505edb19e3cbedbf3d1c958441517cc9a1e918f6feaa4b95b  node-v6.7.0-linux-s390x.tar.gz
647bacc68bd0101b04074d5740492a6511dee69e23a7ff03765674d7a9fa93df  node-v6.7.0-linux-s390x.tar.xz
abe81b4150917cdbbeebc6c6b85003b80c972d32c8f5dfd2970d32e52a6877af  node-v6.7.0-linux-x64.tar.gz
09263a844c31933c6f31e576e580faf01d3bbb056efb8713388dc8d09674f8c2  node-v6.7.0-linux-x64.tar.xz
fa94c93a4a3600d68e003a399f5cf5e109c2d10505b4d9456373c25953eb9bf5  node-v6.7.0-linux-x86.tar.gz
e89a77020bd579186adbc46f6a668d3524f980c5fc75f63e1d5b5362423bcebb  node-v6.7.0-linux-x86.tar.xz
c5d46d0f105ed652c9a353d8411558c9c4610db874f01ef07e57ad613e5d4237  node-v6.7.0.pkg
33f240dac58a1293a08b66ecd01a70849c693e3a9e58a94cb7ee92126a894984  node-v6.7.0-sunos-x64.tar.gz
9df8f3d1048065fccb1c1746cfd1f3a22ef46075399e7dc92d38949e37607de7  node-v6.7.0-sunos-x64.tar.xz
80dacf34a5e17f3eeabe15e212005daeaa189caa424a83a23f302a9fa5996565  node-v6.7.0-sunos-x86.tar.gz
14bdf36ae5510a6565af69e1db651d34e75d2846a363610b6669b8c78e404b2a  node-v6.7.0-sunos-x86.tar.xz
02b8ee1719a11b9ab22bef9279519efaaf31dd0d39cba4c3a1176ccda400b8d6  node-v6.7.0.tar.gz
ceb028324aab1ee8c7ea6a62026f036f3ea71f5ef5212593d0f833f999dd3be5  node-v6.7.0.tar.xz
2eb013b15c718ec2b26768e6a325e73571ed1d2028af411307a1bbd549f709ed  node-v6.7.0-win-x64.7z
59971f8ea9fb1ac4c55ca36303fe32a0714049cf8a10843dbb5924a5d0624659  node-v6.7.0-win-x64.zip
8b4448e56223aed8c316b67336fdd1d94aeee71033934fb6bc071a358c5c8719  node-v6.7.0-win-x86.7z
d75bebea562a1da0965adc8f94d2c5a38a22cfc57959d37c5c1aeec4ea9f1c83  node-v6.7.0-win-x86.zip
2185a16f8a32087b75708b08d7e482a14597765c41d6b3711a8e6ed3a3358213  node-v6.7.0-x64.msi
0801c283200ac263cc0ca014f5d8e0ee531e1ebec6e99645a0bdd04b996c1605  node-v6.7.0-x86.msi
7ab8714273a9a1fa464ded6b543b52b6fb56c7d2c3d08ebe312b1c1be72a1477  win-x64/node.exe
17c521d3b19886f826f818b9806bb4d2af4615d5bf850c257dcdaef897e8ccaa  win-x64/node.lib
fa2f32b9f8ac97d26bb58da59c8a7299de5bd9f25b8879f8787ecd0ffbd36c3b  win-x64/node_pdb.7z
815d202704373b9894c5dc113d2a2812be5e73431f8061707e0fd012cbc0b8cc  win-x64/node_pdb.zip
a2e58867917250e013a49c4210b36aba04715159a71edcfb510c6225e3dab184  win-x86/node.exe
641503fd3d41c1bc04a95ee38e6dc2ffd9c9e5a35b3f5bfecb25965c963f2d17  win-x86/node.lib
36265c44782a8456b289c4776bf5de5ed648982f2b8dc97e17acd76258e249cf  win-x86/node_pdb.7z
2d8a25ba8e212715050ee03e4b0b9f547163ffaeb75288c9508a06e469677ff6  win-x86/node_pdb.zip
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJX6xF5AAoJELY7U1pMIGypw8sQAM0o8jAf5AlM3apyFJIm8q3P
8z7LsyOm/gX04h6U4xONVybx0uxqkoCs/Bk9JSJdxdc9qMM4FLxbf9W3se61FZQa
fYva3cXiAm/riUxO5vbghBNzKgE8aLFeOiuEIL5c+UzaxjFs8eY6oRfqYN87jNcB
95T3krvYGY9pA39Cyr1mBbCJq8AdjcM/ve6wqcjQDGswZF5Yq+yd94Z1qzCWzB2u
8yLcLaaoyVy2BvFg/11XgK9xK7w1KpxHK+jIzVVDE9dVoQc1pcQQZR72mYVIQFUt
jCJ69T5Usnil1ucswmfk7d1vvX1NdIawaol6AjEErO1APZsVew+TCJyvwq4uLAA2
kvgiVF/8Pe3ZdF1x9+vWz1JvEXpmehOlJ9fRv3bZn20W3/GIeS5NA+AgJrr6H65D
Trv6juvBceu2wGeBer8XCzql+9Pk4k87vARcExEKxsOU57lZ4mgaX5aMfTaNtTnp
zm5+ajGNnEZ4tjR91do6JXMF8/5MHmP93vFOwsrANabBe4sjd3u3BIbAVlkS74z0
bLZeo2dM18p3RdDw2Szo5jTSjuIhCV+5wNKxLoNjLSoYC6fSwAod+FuCXoWZZi6/
1eF4uFXik9m3ifInj6KKjCfKql8Rh6siHu2AsOjxaE/UyKY27HpXbtWpIhvM4Ht5
A0X+c5AUaeTAxt30L2PG
=+Moe
-----END PGP SIGNATURE-----