doc: update security release announcement by mhdawson · Pull Request #1288 · nodejs/nodejs.org
Navigation Menu
{{ message }}
nodejs / nodejs.org Public
- Notifications You must be signed in to change notification settings
- Fork 6.5k
Closed
mhdawson wants to merge 1 commit intonodejs:masterfrom
Closed
doc: update security release announcement#1288
mhdawson wants to merge 1 commit intonodejs:masterfrom
doc: update security release announcement#1288
mhdawson wants to merge 1 commit intonodejs:masterfrom
Conversation
Copy link
Member
mhdawson
commented
Jul 11, 2017
mhdawson
commented
update security release announcement to indicate releases
are available.
update security release announcement to indicate releases are available.
mhdawson
force-pushed
the
securityJuly-2
branch
from
bddc8ec to
f11e04c
Compare
Copy link
Member Author
mhdawson
commented
Jul 11, 2017
mhdawson commented
Jul 11, 2017I'm going to wait at most 1 hour to get feedback on this update as we don't want it going out too long afer the releases. It has already been reviewed by those working on the security release.
MylesBorins approved these changes Jul 11, 2017
Copy link
Contributor
MylesBorins
left a comment
MylesBorins
left a comment
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 
Copy link
Member Author
mhdawson
commented
Jul 11, 2017
mhdawson commented
Jul 11, 2017Published to the nodejs-sec mailing list so going to go ahead and land. We can always tweak afterwards
Copy link
Member Author
mhdawson
commented
Jul 11, 2017
mhdawson commented
Jul 11, 2017Landed as 5a6ae96
mhdawson
closed this
ofrobots
mentioned this pull request
Copy link
jwheare
commented
Jul 12, 2017
jwheare commented
Jul 12, 2017Is it possible to get a link added to this announcement that explains the vulnerability and what sort of code might be exploitable by an attacker? Linking to a set of slides that can't be understood without a lot of missing context filled in doesn't seem adequate.
Copy link
jwheare
commented
Jul 12, 2017
jwheare commented
Jul 12, 2017This thread is a great explanation: https://twitter.com/mathias/status/884856878722842629
Copy link
Member
gibfahn
commented
Jul 13, 2017
gibfahn commented
Jul 13, 2017Discussion is happening in this thread: nodejs/node#14171
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
4 participants