Weekly Update - Jul 10th, 2015by Yosuke Furukawa (@yosuke-furukawa),
io.js and Node.js News — July 10th
Security patches for io.js 1.8 and 2.3 and upcoming events.
io.js 1.8 and 2.3 Releases
- openssl : Upgrade to 1.0.2d, fixes CVE-2015-1793 (Alternate Chains Certificate Forgery) #2141 .
- openssl : Upgrade to 1.0.2d, fixes CVE-2015-1793 (Alternate Chains Certificate Forgery) (Shigeki Ohtsu) #2141 .
- npm : Upgraded to v2.12.1, release notes can be found in https://github.com/npm/npm/releases/tag/v2.12.0 and https://github.com/npm/npm/releases/tag/v2.12.1 (Kat Marchán) #2112 .
See https://github.com/nodejs/io.js/labels/confirmed-bug for complete and current list of known issues.
Some problems with unreferenced timers running during
beforeExitare still to be resolved. See #1264 .
- Surrogate pair in REPL can freeze terminal. #690
process.send()is not synchronous as the docs suggest, a regression introduced in 1.0.2, see #760 .
dns.setServers()while a DNS query is in progress can cause the process to crash on a failed assertion. #894
url.resolvemay transfer the auth portion of the url when resolving between two full hosts, see #1435 .
- OpenSSL published a high severity security issue , io.js and Node.js have upgraded OpenSSL version and fixed the problem on latest version.
- Node.js LTS WG has updated their proposed LTS plan . They need some feedbacks from Noders.
- ReactNative required io.js as their test platform .
- BrazilJS Conf tickets are on sale, August 21st - 22nd at Shopping Center BarraShoppingSul
- NodeConf EU tickets are on sale, September 6th - 9th at Waterford, Ireland
- Node.js Italian Conference tickets are on sale, October 10th at Desenzano - Brescia, Italy
- JSConf CO , October 16th - 17th at Ruta N, Medellin