Skip to content
This repository was archived by the owner on May 13, 2025. It is now read-only.

Commit 188a42a

Browse files
RafaelGSSRafaelGSS
authored
Blog: add pre security release announcement (nodejs#6863)
* Blog: add pre security release announcement * fixup! Blog: add pre security release announcement * fixup! fixup! Blog: add pre security release announcement
1 parent a6cde27 commit 188a42a

File tree

1 file changed

+41
-0
lines changed

1 file changed

+41
-0
lines changed

pages/en/blog/vulnerability/july-2024-security-releases.md

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
---
2+
date: 2024-07-02T03:00:00.000Z
3+
category: vulnerability
4+
title: Tuesday, July 2, 2024 Security Releases
5+
slug: july-2024-security-releases
6+
layout: blog-post
7+
author: The Node.js Project
8+
---
9+
10+
# Summary
11+
12+
The Node.js project will release new versions of the 22.x, 20.x, 18.x
13+
releases lines on or shortly after, Tuesday, July 2, 2024 in order to address:
14+
15+
- 1 high severity issues.
16+
- 2 medium severity issues.
17+
- 3 low severity issues.
18+
19+
Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x and Node.js 20.x.
20+
Node.js 22.x already includes undici v6.19.2.
21+
22+
## Impact
23+
24+
The 22.x release line of Node.js is vulnerable to 1 high severity issues, 2 medium severity issues, 3 low severity issues.
25+
The 20.x release line of Node.js is vulnerable to 1 high severity issues, 2 medium severity issues, 3 low severity issues.
26+
The 18.x release line of Node.js is vulnerable to 1 high severity issues, 2 medium severity issues.
27+
28+
It's important to note that End-of-Life versions are always affected when a security release occurs.
29+
To ensure your system's security, please use an up-to-date version as outlined in our
30+
[Release Schedule](https://github.com/nodejs/release#release-schedule).
31+
32+
## Release timing
33+
34+
Releases will be available on, or shortly after, Tuesday, July 2, 2024.
35+
36+
## Contact and future updates
37+
38+
The current Node.js security policy can be found at https://nodejs.org/en/security/.
39+
Please follow the process outlined in https://github.com/nodejs/node/blob/master/SECURITY.md if you wish to report a vulnerability in Node.js.
40+
41+
Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization.

0 commit comments

Comments
 (0)