You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Notable Changes:
This is a patch release to address a bad backport of the fix for "Slowloris
HTTP Denial of Service" (CVE-2018-12122). Node.js 6.15.0 misapplies the headers
timeout to an entire keep-alive HTTP session, resulting in prematurely
disconnected sockets.
PR-URL: #24803
Refs: #24796
Refs: #24760
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Copy file name to clipboardExpand all lines: doc/changelogs/CHANGELOG_V6.md
+12Lines changed: 12 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -10,6 +10,7 @@
10
10
</tr>
11
11
<tr>
12
12
<td valign="top">
13
+
<a href="#6.15.1">6.15.1</a><br/>
13
14
<a href="#6.15.0">6.15.0</a><br/>
14
15
<a href="#6.14.4">6.14.4</a><br/>
15
16
<a href="#6.14.3">6.14.3</a><br/>
@@ -74,6 +75,17 @@
74
75
[Node.js Long Term Support Plan](https://github.com/nodejs/LTS) and
75
76
will be supported actively until April 2018 and maintained until April 2019.
76
77
78
+
<a id="6.15.1"></a>
79
+
## 2018-12-03, Version 6.15.1 'Boron' (LTS), @rvagg
80
+
81
+
### Notable Changes
82
+
83
+
This is a patch release to address a bad backport of the fix for "Slowloris HTTP Denial of Service" (CVE-2018-12122). Node.js 6.15.0 misapplies the headers timeout to an entire keep-alive HTTP session, resulting in prematurely disconnected sockets.
0 commit comments