The susceptability in the OpenSSL Safety And Security Advisory of Dec 13 2022 do not impact any kind of energetic Node.js launch lines.
Our analysis of the protection advisory is:
Node.js does not call OpenSSL as a different procedure (so the opportunity to utilize the - plan flag is void), neither phone call
the features X509_VERIFY_PARAM_add0_policy()' as well as X509_VERIFY_PARAM_set1_policies()’.
As a result, Node.js is not influenced by this susceptability.
Get in touch with as well as future updates
The present Node.js protection plan can be located at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security,.
consisting of details on exactly how to report a susceptability in Node.js.
Sign up for the low-volume announcement-only nodejs-sec newsletter at.
https://groups.google.com/forum/#!forum/nodejs-sec to keep up to day on.
protection susceptabilities as well as security-related launches of Node.js as well as the.
tasks preserved in the.
nodejs GitHub company
