doc: update security release announcement #1288
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
update security release announcement to indicate releases are available.
|
I'm going to wait at most 1 hour to get feedback on this update as we don't want it going out too long afer the releases. It has already been reviewed by those working on the security release. |
|
Published to the nodejs-sec mailing list so going to go ahead and land. We can always tweak afterwards |
|
Landed as 5a6ae96 |
|
Is it possible to get a link added to this announcement that explains the vulnerability and what sort of code might be exploitable by an attacker? Linking to a set of slides that can't be understood without a lot of missing context filled in doesn't seem adequate. |
|
This thread is a great explanation: https://twitter.com/mathias/status/884856878722842629 |
|
Discussion is happening in this thread: nodejs/node#14171 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
update security release announcement to indicate releases
are available.