Node v13.8.0 (Current)

4 years ago

source link: https://nodejs.org/en/blog/release/v13.8.0/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

This is a security release.

Vulnerabilities fixed:

CVE-2019-15606 : HTTP header values do not have trailing OWS trimmed.
CVE-2019-15605 : HTTP request smuggling using malformed Transfer-Encoding header.
CVE-2019-15604 : Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

Recommend

Recommend

机器人助攻防疫战，京东物流完成武汉智能配送第一单

出版商在增加读者的同时减少了内容

在硅谷工作的轮班工人

《自然》尝试公布同行评议报告

西部世界好看吗好看请打 1 不好看请打 0 ...

2020 年了选什么靠谱的同步盘

区块链项目中的权衡：爬.走.跑

Building a UI for PostgreSQL Database Migrations

Find palindrome dates in the Linux command line - explained

简单解释下武汉病毒所注册专利

About Joyk