winget install --id OpenJS.NodeJS.15About Node.js 15
Node.js® is a free, open-source, cross-platform JavaScript runtime environment that lets developers create servers, web apps, command line tools and scripts.
What's new in 15.14.0
This is a security release. Notable Changes Vulnerabilties Fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt - Impacts: - All versions of the 15.x, 14.x, 12.x and 10.x releases lines - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt - Impacts: - All versions of the 15.x, 14.x, 12.x and 10.x releases lines - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) - This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh - Impacts: - All versions of the 14.x, 12.x and 10.x releases lines Other Notable Changes: - [b6f4901221] - (SEMVER-MINOR) fs: add support for async iterators to fsPromises.writeFile (HiroyukiYagihashi) #37490 - [0709cbb7fe] - (SEMVER-MINOR) net: allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 - [daa8a7bbcf] - (SEMVER-MINOR) net: add SocketAddress class (James M Snell) #37917 - [a4169ce519] - (SEMVER-MINOR) net: make net.BlockList cloneable (James M Snell) #37917 - [669b81c68b] - (SEMVER-MINOR) net,tls: add abort signal support to connect (Nitzan Uziely) #37735 - [a1123f0a29] - (SEMVER-MINOR) readline: add...
Version history
| Version | Updated | Notes |
|---|---|---|
| 15.14.0 | Unknown | This is a security release. Notable Changes Vulnerabilties Fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - This is a vulnerability in OpenSSL which may be exploited thr... |
| 15.13.0 | Unknown | Notable Changes - buffer: - implement btoa and atob (James M Snell) #37529 - deps: - upgrade npm to 7.7.6 (Ruy Adorno) #37968 - This update adds workspaces support to npm run and npm exec - doc: - add legacy status to st... |
| 15.12.0 | Unknown | Notable Changes - crypto: - add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 - support JWK objects in create*Key (Filip Skokan) #37254 - deps: - switch openssl to quictls/openssl (James M Snel... |
| 15.11.0 | Unknown | Notable Changes - [a3e3156b52] - (SEMVER-MINOR) crypto: make FIPS related options always awailable (Vít Ondruch) #36341 - [9ba5c0f9ba] - (SEMVER-MINOR) errors: remove experimental from --enable-source-maps (Benjamin Coe)... |
| 15.10.0 | Unknown | This is a security release. Notable changes Vulnerabilities fixed: - CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion - Affected Node.js versions are vulnerable to denial of service... |
| 15.9.0 | Unknown | Notable Changes - crypto: - add keyObject.export() 'jwk' format option (Filip Skokan) #37081 - deps: - upgrade to libuv 1.41.0 (Colin Ihrig) #37360 - doc: - add dmabupt to collaborators (Xu Meng) #37377 - refactor fs doc... |
| 15.8.0 | Unknown | Notable Changes - [110063d694] - (SEMVER-MINOR) crypto: add generatePrime/checkPrime (James M Snell) #36997 - [53a0bdff47] - (SEMVER-MINOR) crypto: experimental (Ed/X)25519/(Ed/X)448 support (James M Snell) #36879 - [034... |
| 15.7.0 | Unknown | Notable changes - buffer: - introduce Blob (James M Snell) #36811 - add base64url encoding option (Filip Skokan) #36952 - doc: - add @iansu to collaborators (Ian Sutherland) #36951 - add @RaisinTen to collaborators (Dars... |
| 15.6.0 | Unknown | Release notes |
| 15.5.1 | Unknown | This is a security release. Notable changes Vulnerabilities fixed: - CVE-2020-8265: use-after-free in TLSWrap (High) - Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writ... |
| 15.5.0 | Unknown | Release notes |
| 15.4.0 | Unknown | Notable Changes - child_processes: - add AbortSignal support (Benjamin Gruenbaum) #36308 - deps: - update ICU to 68.1 (Michaël Zasso) #36187 - events: - support signal in EventTarget (Benjamin Gruenbaum) #36258 - graduat... |
| 15.3.0 | Unknown | Notable Changes - [6349b1d673] - (SEMVER-MINOR) dns: add a cancel() method to the promise Resolver (Szymon Marczak) #33099 - [9ce9b016e6] - (SEMVER-MINOR) events: add max listener warning for EventTarget (James M Snell)... |
| 15.2.1 | Unknown | Notable changes This is a security release. Vulnerabilities fixed: - CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their... |
| 15.2.0 | Unknown | Notable changes - events: - getEventListeners static (Benjamin Gruenbaum) #35991 - fs: - support abortsignal in writeFile (Benjamin Gruenbaum) #35993 - add support for AbortSignal in readFile (Benjamin Gruenbaum) #35911... |
| 15.1.0 | Unknown | Release notes |
| 15.0.1 | Unknown | Notable changes - crypto: fix regression on randomFillSync (James M Snell) #35723 - This fixes issue https://github.com/nodejs/node/issues/35722. - deps: upgrade npm to 7.0.3 (Ruy Adorno) #35724 - doc: add release key fo... |
| 15.0.0 | Unknown | Release notes |