The NodeSource Blog

Node.js 4.8.2 Release Brief

This is a special, expedited release for the Node.js 4 Maintenance line, which contains an important fix for a crypto-related memory leak introduced in the previous release.

This release also marks the transition of Node.js 4 into “Maintenance” mode as per the LTS plan. Expect fewer releases, only those for important regressions and critical security fixes.

Node.js 4 will be in Maintenance mode for one year. After that, Node.js 4 will hit End of Life. We recommend that you prepare applications and services to upgrade to Node 6 LTS within the next 6 months.

As with all releases within major version lines, minor and patch upgrades should be drop-in replacements for previous versions.

Overview

Of a total of 3 commits:

  • 1 dependency was upgraded:
  • Additionally, 1 commit was backported from upstream zlib:
    • [253980ff38] - fix CLEAR_HASH macro to be usable as a single statement (Sam Roberts) #11616

The remaining significant commits are as follows:

  • [9d7fba4de2] - crypto: fix memory leak if certificate is revoked (Tom Atkinson) #12089

Notable Changes

  • crypto: Fixed a memory leak for revoked certificates. (Tom Atkinson) #12089

Git Diffstats

(Showing the delta between v4.8.1 and v4.8.2, ignoring deps/npm.)

Without deps, tools, docs, benchmarks, or tests:

 src/node_crypto.cc | 8 ++++++--
 src/node_version.h | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

Deps only:

  17.0% deps/zlib/as400/
   0.1% deps/zlib/contrib/ada/
   0.7% deps/zlib/contrib/blast/
   0.0% deps/zlib/contrib/delphi/
   0.0% deps/zlib/contrib/dotzlib/DotZLib/
   0.0% deps/zlib/contrib/dotzlib/
   0.0% deps/zlib/contrib/infback9/
   1.4% deps/zlib/contrib/minizip/
   0.0% deps/zlib/contrib/pascal/
   0.0% deps/zlib/contrib/puff/
   0.2% deps/zlib/contrib/vstudio/vc10/
   0.2% deps/zlib/contrib/vstudio/vc11/
   2.9% deps/zlib/contrib/vstudio/vc12/
   2.9% deps/zlib/contrib/vstudio/vc14/
   0.2% deps/zlib/contrib/vstudio/vc9/
   0.3% deps/zlib/contrib/vstudio/
   0.0% deps/zlib/contrib/
   0.1% deps/zlib/examples/
   0.0% deps/zlib/msdos/
   0.0% deps/zlib/old/os2/
   0.0% deps/zlib/old/
  18.0% deps/zlib/os400/
   0.2% deps/zlib/qnx/
   0.6% deps/zlib/test/
   0.3% deps/zlib/win32/
  53.6% deps/zlib/
 83 files changed, 3651 insertions(+), 2166 deletions(-)

Docs only:

 CHANGELOG.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

Most active commit

Of the 3 commits, 2e52a26 was the most active:
(Excluding docs, npm, eslint, and tests.)

commit 2e52a2699b5d5c646393c9f62f79f8607d32e517
Author: Sam Roberts <vieuxtech@gmail.com>
Date:   Fri Jan 20 11:01:40 2017 -0800

    deps: upgrade zlib to 1.2.11

    PR-URL: https://github.com/nodejs/node/pull/10980
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

  17.0% deps/zlib/as400/
   7.0% deps/zlib/contrib/vstudio/
  18.0% deps/zlib/os400/
  57.8% deps/zlib/
 83 files changed, 3646 insertions(+), 2164 deletions(-)

While not a routine or security release, if you're currently using Node.js 4.8.1 this release is important, as it resolves regressions in 4.8.1. If currently using 4.8.1, this is an important update. If using something prior to 4.8.1, this release has an otherwise normal update priority for the Node.js LTS and Maintenance release lines.