From eee5e70b188d36444071e6ebdbbb60b1d9f38ff5 Mon Sep 17 00:00:00 2001 From: Joe Sepi Date: Wed, 16 Mar 2022 20:18:30 -0400 Subject: [PATCH] doc: Update mar-2022-security-releases.md (#4496) * Update mar-2022-security-releases.md * Apply suggestions from code review Co-authored-by: Michael Dawson * Update locale/en/blog/vulnerability/mar-2022-security-releases.md Co-authored-by: Michael Dawson * Update locale/en/blog/vulnerability/mar-2022-security-releases.md * Update mar-2022-security-releases.md * Update locale/en/blog/vulnerability/mar-2022-security-releases.md * Update locale/en/blog/vulnerability/mar-2022-security-releases.md Co-authored-by: Richard Lau Co-authored-by: Michael Dawson Co-authored-by: Richard Lau --- .../mar-2022-security-releases.md | 34 +++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/locale/en/blog/vulnerability/mar-2022-security-releases.md b/locale/en/blog/vulnerability/mar-2022-security-releases.md index beb3ad54eca1a..2c5179f719797 100644 --- a/locale/en/blog/vulnerability/mar-2022-security-releases.md +++ b/locale/en/blog/vulnerability/mar-2022-security-releases.md @@ -1,12 +1,42 @@ --- -date: 2022-03-14T12:00:00.000Z +date: 2022-03-16T23:22:00.000Z category: vulnerability -title: OpenSSL security releases may require Node.js security releases +title: OpenSSL security releases require Node.js security releases slug: openssl-and-high-severity-fixes-mar-2022 layout: blog-post.hbs author: Joe Sepi --- +# _(Update 16-Mar-2022)_ Summary + +The Node.js project will release new versions of the 12.x, 14.x, 16.x, and 17.x +releases lines on or shortly after Thursday, March 17th, 2022 to incorporate +upstream patches from OpenSSL. + +## Impact + +The 17.x release line of Node.js is vulnerable to one High severity issue. + +The 16.x release line of Node.js is vulnerable to one High severity issue. + +The 14.x release line of Node.js is vulnerable to one High severity issue. + +The 12.x release line of Node.js is vulnerable to one High severity issue. + +## Release timing + +Releases will be available on, or shortly after, Thursday, March 17th, 2022. + +## Contact and future updates + +The current Node.js security policy can be found at https://github.com/nodejs/node/blob/master/SECURITY.md. +Please follow the process outlined in https://github.com/nodejs/node/blob/master/SECURITY.md +if you wish to report a vulnerability in Node.js. + +Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. + +--- + ### Summary The Node.js project may be releasing new versions across all of its supported