Node.js 6.10.2 Release Brief
This is a special, expedited release for the Node 6 LTS line containing important fixes for a couple recent regressions, including a crypto-related memory leak.
The regressions include:
- A memory leak in the crypto module, introduced in 6.10.1
- A regression in the windows repl, introduced in 6.10.0
- A V8 segfault when using spread syntax.
An upgrade to zlib 1.2.11 has also been included, as it fixes a number of low severity CVEs that were present in zlib 1.2.8.
As with all releases within major version lines, minor and patch upgrades should be drop-in replacements for previous versions.
Overview
Of a total of 7 commits:
- 1 dependency was upgraded:
- zlib @ 1.2.11 - (Sam Roberts) #10980
- 3 patches were backported from upstream V8:
- [
e427300as1ff512c185- (Michaël Zasso) #12037 - [
b9f682bas8dfc710a06- (Michaël Zasso) #12037 - [
2cabc86as52bdb8f246- (Michaël Zasso) #12037
- [
- Additionally, 1 commit was backported from upstream zlib:
- [
912f78a566] - fixCLEAR_HASHmacro to be usable as a single statement (Sam Roberts) #11616
- [
The remaining significant commits are as follows:
- [
64fc5a4541] - Revert "Revert "repl: disable Ctrl+C support..." (Myles Borins) #12123 - [
5f644d2f6f] - crypto: fix memory leak if certificate is revoked (Tom Atkinson) #12089
Notable Changes
- crypto: Fixed a memory leak for revoked certificates. (Tom Atkinson) #12089
- repl: Reverted a commit that broke REPL display on Windows. (Myles Borins) #12123
- V8: Backported a V8 fix for segfaulting spread syntax. (Michaël Zasso) #12037
Git Diffstats
(Showing the delta between v6.10.1 and v6.10.2, ignoring deps/npm.)
Without deps, tools, docs, benchmarks, or tests:
lib/repl.js | 11 +++++++++--
src/node_crypto.cc | 8 ++++++--
src/node_version.h | 2 +-
3 files changed, 16 insertions(+), 5 deletions(-)
Deps only:
0.0% deps/v8/include/
0.0% deps/v8/src/ast/
0.9% deps/v8/src/parsing/
0.0% deps/v8/src/runtime/
0.2% deps/v8/test/mjsunit/harmony/regress/
0.1% deps/v8/test/mjsunit/regress/
16.7% deps/zlib/as400/
0.1% deps/zlib/contrib/ada/
0.7% deps/zlib/contrib/blast/
0.0% deps/zlib/contrib/delphi/
0.0% deps/zlib/contrib/dotzlib/DotZLib/
0.0% deps/zlib/contrib/dotzlib/
0.0% deps/zlib/contrib/infback9/
1.4% deps/zlib/contrib/minizip/
0.0% deps/zlib/contrib/pascal/
0.0% deps/zlib/contrib/puff/
0.2% deps/zlib/contrib/vstudio/vc10/
0.2% deps/zlib/contrib/vstudio/vc11/
2.8% deps/zlib/contrib/vstudio/vc12/
2.8% deps/zlib/contrib/vstudio/vc14/
0.2% deps/zlib/contrib/vstudio/vc9/
0.3% deps/zlib/contrib/vstudio/
0.0% deps/zlib/contrib/
0.1% deps/zlib/examples/
0.0% deps/zlib/msdos/
0.0% deps/zlib/old/os2/
0.0% deps/zlib/old/
17.7% deps/zlib/os400/
0.2% deps/zlib/qnx/
0.6% deps/zlib/test/
0.3% deps/zlib/win32/
52.9% deps/zlib/
91 files changed, 3721 insertions(+), 2183 deletions(-)
Docs only:
CHANGELOG.md | 3 ++-
doc/changelogs/CHANGELOG_V6.md | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 37 insertions(+), 1 deletion(-)
Most active commit
Of the 7 commits, abe9132 was the most active:
(Excluding docs, npm, eslint, and tests.)
commit abe913201180f106e054e1803eaa8a857ec3c423
Author: Sam Roberts <vieuxtech@gmail.com>
Date: Fri Jan 20 11:01:40 2017 -0800
deps: upgrade zlib to 1.2.11
PR-URL: https://github.com/nodejs/node/pull/10980
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
17.0% deps/zlib/as400/
7.0% deps/zlib/contrib/vstudio/
18.0% deps/zlib/os400/
57.8% deps/zlib/
83 files changed, 3646 insertions(+), 2164 deletions(-)
While not a routine or security release, if you're currently using Node.js 6.10.1 this release is important, as it resolves regressions in 6.10.1. If currently using 6.10.1, this is an important update. If using something prior to 6.10.1, this release has an otherwise normal update priority for the Node.js LTS release lines.