articles

Node v5.7.1(안정 버전)

주요 변경 사항

  • governance: 코어 기술 위원회(CTC)에 Node.js 코어의 개발을 도와 줄 구성원 4명이 새로 추가됐습니다. Evan Lucas, Rich Trott, Ali Ijaz Sheikh, Сковорода Никита Андреевич(Nikita Skovoroda).
  • openssl: 1.0.2f에서 1.0.2g로 업그레이드 했습니다. (Ben Noordhuis) #5507
    • DoS나 메모리 변조(memory corruption) 공격에 사용될 수 있는 형식이 올바르지 않은(malformed) DSA 키를 파싱할 때 발생하는 이중 해제(double-free) 문제를 수정합니다. 실제 공격에 이 결함이 악용되기는 어려울 것이므로 이 결함은 Node.js 사용자에게 낮은 심각도로 판단됩니다. 더 자세한 정보는 CVE-2016-0705에서 볼 수 있습니다.
    • 내부의 BN_hex2bn()BN_dec2bn() 함수와 관련 있는 매우 드문 사례에서 메모리 변조를 일으킬 수 있는 결함을 수정했습니다. Node.js는 이 함수를 사용하는 코드를 호출하지 않으므로 이 결함을 사용한 실제적인 공격은 불가능할 것으로 보입니다. 더 자세한 정보는 CVE-2016-0797에서 볼 수 있습니다.
    • _CacheBleed 공격_을 가능하게 하는 결함을 수정했습니다. 이 결함은 공격자에게 전체 RSA 비공개 키를 복구할 수 있는 부채널 공격(side-channel attack)을 허용합니다. 이 결함은 인텔 샌디 브리지(혹은 그 이전 버전) 마이크로아키텍처에서 하이퍼 스레딩을 사용할 때만 영향을 미칩니다. 하스웰을 비롯한 새로운 마이크로아키텍처에는 영향이 없습니다. 더 자세한 정보는 CVE-2016-0702에서 볼 수 있습니다.
  • v5.7.0에서 발생한 몇 가지 문제를 수정했습니다.
    • path.relative():
      • 출력이 불필요하게 장황한 문제를 해결했습니다. (Brian White) #5389
      • 윈도우 UNC 경로를 제대로 해석하지 못하던 문제를 해결했습니다. (Owen Smith) #5456
      • 접두사가 붙은 경로를 최상위 디렉터리부터 제대로 해석합니다. (Owen Smith) #5490
    • url: parse()의 off-by-one 에러를 해결했습니다. (Brian White) #5394
    • dgram: offset과 length가 주어졌을 때 기본 address를 사용하는 경우를 제대로 처리합니다. (Matteo Collina) #5407

Commits

  • [7cae774d9b] - benchmark: refactor to eliminate redeclared vars (Rich Trott) #5468
  • [6aebe16669] - benchmark: add benchmark for buf.compare() (Rich Trott) #5441
  • [00660f55c8] - benchmark: move string-decoder to its own category (Andreas Madsen) #5177
  • [4650cb3818] - benchmark: fix configuation parameters (Andreas Madsen) #5177
  • [3ccb275139] - benchmark: merge url.js with url-resolve.js (Andreas Madsen) #5177
  • [c1e7dbffaa] - benchmark: move misc to categorized directories (Andreas Madsen) #5177
  • [2f9fee6e8e] - benchmark: use strict mode (Rich Trott) #5336
  • [4c09e7f359] - build: remove --quiet from eslint invocation (firedfox) #5519
  • [2c619f2012] - build: run lint before tests (Rich Trott) #5470
  • [f349a9a2cf] - build: update Node.js logo on OSX installer (Rod Vagg) #5401
  • [88f393588a] - crypto: PBKDF2 works with int not ssize_t (Fedor Indutny) #5397
  • [1e86804503] - deps: upgrade openssl to 1.0.2g (Ben Noordhuis) #5507
  • [d3f9b84be8] - dgram: handle default address case when offset and length are specified (Matteo Collina)
  • [f1f3832934] - doc: update NAN urls in ROADMAP.md and doc/releases.md (ronkorving) #5472
  • [51bc062dab] - doc: add CTC meeting minutes 2016-02-17 (Rod Vagg) #5410
  • [795c85ba1c] - doc: fix typo in child_process documentation (Evan Lucas) #5474
  • [0a56e9690b] - doc: add note for binary safe string reading (Anton Andesen) #5155
  • [ea8331e15f] - doc: improvements to crypto.markdown copy (Alexander Makarenko) #5230
  • [378a772034] - doc: require behavior on case-insensitive systems (Hugo Wood)
  • [06b7eb6636] - doc: document base64url encoding support (Tristan Slominski) #5243
  • [8ec3d904cb] - doc: improve httpVersionMajor / httpVersionMajor (Jackson Tian) #5296
  • [534e88f56c] - doc: fix relative links in net docs (Evan Lucas) #5358
  • [7b98a30976] - doc: fix crypto function indentation level (Brian White) #5460
  • [c0fd802cc2] - doc: link to man pages (dcposch@dcpos.ch) #5073
  • [f8c6701e22] - doc: add missing property in cluster example (Rafael Cepeda) #5305
  • [3bfe0483f0] - doc: corrected name of argument in socket.send (Chris Dew) #5449
  • [c8725f5e95] - doc: fix links in tls, cluster docs (Alexander Makarenko) #5364
  • [7f2cf9af5c] - doc: explicit about VS 2015 support in readme (Phillip Johnsen) #5406
  • [12d3cdbfea] - doc: remove out-of-date matter from internal docs (Rich Trott) #5421
  • [43853679f7] - doc: copyedit util doc (Rich Trott) #5399
  • [903e8d09e1] - doc: fix typo in pbkdf2Sync code sample (Marc Cuva) #5306
  • [79b1c22c9f] - doc: fix buf.readInt16LE output (Chinedu Francis Nwafili) #5282
  • [e46915f2f3] - doc: note util.isError() @@toStringTag limitations (cjihrig) #5414
  • [935fd21fff] - doc: clarify error handling in net.createServer (Dirceu Pereira Tiegs) #5353
  • [93dce6d4fe] - doc: document fs.datasync(Sync) (Ron Korving) #5402
  • [96daf51358] - doc: add Evan Lucas to the CTC (Rod Vagg) #5275
  • [31b405d0cf] - doc: add Rich Trott to the CTC (Rod Vagg) #5276
  • [bcd154e402] - doc: add Ali Ijaz Sheikh to the CTC (Rod Vagg) #5277
  • [9d0330c804] - doc: add Сковорода Никита Андреевич to the CTC (Rod Vagg) #5278
  • [365cc63783] - doc: add “building node with ninja” guide (Jeremiah Senkpiel) #4767
  • [2b00c315e1] - doc: mention prototype check in deepStrictEqual() (cjihrig) #5367
  • [ff988b3ee6] - doc,tools,test: lint doc-based addon tests (Rich Trott) #5427
  • [d77c3bf204] - http_parser: use MakeCallback (Trevor Norris) #5419
  • [e3421ac296] - lib: freelist: use .pop() for allocation (Anton Khlynovskiy) #2174
  • [91d218d096] - path: fix path.relative() for prefixes at root (Owen Smith) #5490
  • [ef7a088906] - path: fix win32 parse() (Zheng Chaoping) #5484
  • [871396ce8f] - path: fix win32 relative() for UNC paths (Owen Smith) #5456
  • [91782f1888] - path: fix win32 relative() when “to” is a prefix (Owen Smith) #5456
  • [30cec18eeb] - path: fix verbose relative() output (Brian White) #5389
  • [2b88523836] - repl: fix stack trace column number in strict mode (Prince J Wesley) #5416
  • [51db48f741] - src,tools: remove null sentinel from source array (Ben Noordhuis) #5418
  • [03a5daba55] - src,tools: drop nul byte from built-in source code (Ben Noordhuis) #5418
  • [17d14f3346] - src,tools: allow utf-8 in built-in js source code (Ben Noordhuis) #5418
  • [12ae6abc69] - test: increase timeout for test-tls-fast-writing (Rich Trott) #5466
  • [81348e8855] - test: apply Linux workaround to Linux only (Rich Trott) #5471
  • [c4d9cdb7d0] - test: allow options for v8 testing (Michael Dawson) #5502
  • [d1a82c6824] - test: retry on known SmartOS bug (Rich Trott) #5454
  • [c7f8a13043] - test: remove unneeded bind() and related comments (Aayush Naik) #5023
  • [cc4cbb10df] - test: fix flaky child-process-fork-regr-gh-2847 (Santiago Gimeno) #5422
  • [0ebbf6cd53] - test: remove flaky designation from fixed tests (Rich Trott) #5459
  • [c83725c604] - test: add test-cases for posix path.relative() (Owen Smith) #5456
  • [22bb7c9d27] - test: fix test runner arg regression (Stefan Budeanu) #5446
  • [8c67b94b11] - test: refactor test-dgram-send-callback-recursive (Santiago Gimeno) #5079
  • [2c21d34a2f] - test: refactor test-dgram-udp4 (Santiago Gimeno) #5339
  • [479a43c876] - test: allow passing args to executable (Stefan Budeanu) #5376
  • [ff75023812] - test: fix test-timers.reliability on OS X (Rich Trott) #5379
  • [991f82b4bd] - test: mitigate flaky test-http-agent (Rich Trott) #5346
  • [0f54553a99] - test: increase timeouts on some unref timers tests (Jeremiah Senkpiel) #5352
  • [25c01cd779] - tls: fix assert in context._external accessor (Ben Noordhuis) #5521
  • [5ffd7430d1] - tools: apply custom buffer lint rule to /lib only (Rich Trott) #5371
  • [fa5d28f246] - tools: enable additional lint rules (Rich Trott) #5357
  • [b44b701e5b] - tools,benchmark: increase lint compliance (Rich Trott) #5429
  • [9424fa5732] - url: group slashed protocols by protocol name (nettofarah) #5380
  • [dfe45f13e7] - url: fix off-by-one error with parse() (Brian White) #5394

Windows 32-bit Installer: https://nodejs.org/dist/v5.7.1/node-v5.7.1-x86.msi

Windows 64-bit Installer: https://nodejs.org/dist/v5.7.1/node-v5.7.1-x64.msi

Windows 32-bit Binary: https://nodejs.org/dist/v5.7.1/win-x86/node.exe

Windows 64-bit Binary: https://nodejs.org/dist/v5.7.1/win-x64/node.exe

Mac OS X 64-bit Installer: https://nodejs.org/dist/v5.7.1/node-v5.7.1.pkg

Mac OS X 64-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-darwin-x64.tar.gz

Linux 32-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-x86.tar.xz

Linux 64-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-x64.tar.xz

Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-ppc64le.tar.xz

SmartOS 32-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-sunos-x86.tar.xz

SmartOS 64-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-sunos-x64.tar.xz

ARMv6 32-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-armv6l.tar.xz

ARMv7 32-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-armv7l.tar.xz

ARMv8 64-bit Binary: https://nodejs.org/dist/v5.7.1/node-v5.7.1-linux-arm64.tar.xz

Source Code: https://nodejs.org/dist/v5.7.1/node-v5.7.1.tar.gz

Other release files: https://nodejs.org/dist/v5.7.1/

Documentation: https://nodejs.org/docs/v5.7.1/api/

Shasums (GPG signing hash: SHA512, file hash: SHA256):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

25627633163e6ad47e62cd9aaab04e47707b51ecc5aaa05f35a2d6419dbe054c  node-v5.7.1-darwin-x64.tar.gz
7d23cb68d8587a6baa8f9023bf326430ca50d669817bac2cd6129cdb435ac0c3  node-v5.7.1-darwin-x64.tar.xz
6d2241bc1e5049de3651873d63b84c37f8684027b1a34928ce6bbe745057ca70  node-v5.7.1-headers.tar.gz
655cbc2da0808edbb965fbb698713ea022e9e7d311604e0ae73904de59df528c  node-v5.7.1-headers.tar.xz
b075aa249eb1e00e1e84e6f5964d4f93c39aa6d817c25280bf885bfcf906c7fc  node-v5.7.1-linux-arm64.tar.gz
61f411e5352d10533cfde00ff2e5b3bc0c31326d46e4e76a0736cf44e2f031ea  node-v5.7.1-linux-arm64.tar.xz
ddde92eb9b80e58efec88138fa7351e21000b22414ebff754c7ab38dedbab89f  node-v5.7.1-linux-armv6l.tar.gz
dd1ade05801824f0386a43890c1500715e628ac4a78b85eb6f2949edad5eaa7c  node-v5.7.1-linux-armv6l.tar.xz
2370e6ad65dedc1eadcc1b3a481e922a8b5afacee9e90eb6700fee876eb59a5b  node-v5.7.1-linux-armv7l.tar.gz
4617186ac4e615f2166dbbd0ef923971d37af630f4aad85cd93bacba74c56fb9  node-v5.7.1-linux-armv7l.tar.xz
f3de80e67a3f055bb3e2ecdb9e4b6cc45183a6cbee2b728f243d46a6fd94f542  node-v5.7.1-linux-ppc64le.tar.gz
81b0e67145e317f4c6f9be58a3485990285fdd866f2c11509ffc68927d2e75d4  node-v5.7.1-linux-ppc64le.tar.xz
fcded78b45549e2195eecb36138ba29b6f353d0d136d4e8b80648770418f1e5b  node-v5.7.1-linux-x64.tar.gz
5584895f87a57ee26a75bf8505f6a2350a3ab219accf1df44c2f6406ddfad6ed  node-v5.7.1-linux-x64.tar.xz
4382b7366f3448d42f09d63f7dfccf45bf67f8be94d2bfe7203bdc79d0ae64e8  node-v5.7.1-linux-x86.tar.gz
6a9063fd23bf4e14d966f18b3cf092192f2a05daf8e6253b92adc2be422959e1  node-v5.7.1-linux-x86.tar.xz
d96c04a7df03f630e66fdf5173912cfb1e412bba4453aad67e007d5bb59d16b4  node-v5.7.1.pkg
0ebab64c25a417b741f666db1765c7358e413d895d4dd0ca9e967fdbb1770a72  node-v5.7.1-sunos-x64.tar.gz
8f7bc96926e75971ade13c183378929442021eca5055752b0b47601b60b1a474  node-v5.7.1-sunos-x64.tar.xz
1deb8d1eee46dfdb15c01fea1b283cc9115d78d2e4757ab6192b80bf52d61f99  node-v5.7.1-sunos-x86.tar.gz
43221b7de7c0e684d65e1898244f876deb25c3e0d614e7f01261a6af5e39f3b7  node-v5.7.1-sunos-x86.tar.xz
ecd4956335c6b86f1b72fd203abd9a833717e6800edb12208d0e3ce625330198  node-v5.7.1.tar.gz
029ed8aeb997c68d1a901cd837af02d24b6b5e20a4ff93bed090fd289f91a9a1  node-v5.7.1.tar.xz
d453670c8edf551fc319fcb997cae8e19180aa09593d0228730fc8997c02316c  node-v5.7.1-x64.msi
f486032411c50a6ea40d361067eb78d2e383737f72d0c14e081e04aff23e6991  node-v5.7.1-x86.msi
de17f951cc28bcd90015703b23e153d19673ee476016d923ff9e5588a6f17593  win-x64/node.exe
752e5b5ea84e7bc828582bceb5ff2faade62234d63f4924ac935c0cc0d2c1bdf  win-x64/node.lib
249614b8ab6106d91229c1b3c2732b0985334e9b3c28c25bff2d681ab5730a56  win-x86/node.exe
4237fb7203656e3caffb4af4ea7875957a4d26860576de52767abfed88f5f7b8  win-x86/node.lib
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJW13WxAAoJEEX17r2BPa6OTokP/At3k4PP5DuSviM3hWGINJUB
FHgtwN5ZhV2L07mLwOsD2uogvjBIe8FnNPtLiB1On80E17lMyvUC8GfYmaxG1QWx
fYIMA/vDPtEE9ckUJ0zF800z9nECjLbFQ1aJ2iCz5yPS7rg/1RsMokpGa5+PbrRB
L5DPBU+I9ZImiQKVF4cscIPfCdBd9itPwVSBLNn9silnAdX4s8kMcIg0O3uXI2S5
k3A3b7tsUDEWhdg3uq4R3t/Y8uzsjpywYRbJQMqQ67RBFE64N3eRRygUWKOgmyob
rPZNAsARu0k3ORn48gfauCTaxxqsdVd3Wrp2thFD5KOs8/TVXKjIrKkoNynGNgTE
S+iWCWCj7n7inGMslq6hHCzxwgbhtRQKMyQW7uGJak4OhrlNsn/7GW9HDTQDxSof
SQgt62++j3wJ4U9Ywl18ZB790BmjxIzH6K5qxK+sW6cADHXRobeYWX/IU5c2y+Gz
wKMMHejQlSPZM4aZYJlBuUcWlkex7o5Mhkpu5hq+OWIN9c2uPJJ35Jh5m/ZGL8AL
ZmlrFU2esrO0a7R2PV0+9ESG7x8aizvY7vquuVdF3uMn3CrfWG0ssp/xWpAHWorK
qUUdd4fdX57rdxuyWj58t7Iq2ri6RxgNf2nnZiFyUyfGdsOzyrNT6ES5exnjdzxw
K5Jnwx41hOBpEJ1XMwRn
=8dum
-----END PGP SIGNATURE-----