ByteBrief

Best read upright.

We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.

(We tried widescreen once. It wasn't us.)

ByteBrief

TechNode.js Blogabout 12 years ago

Node Fixes OpenSSL and UTF-8 Encoding Bug

1 min read

Node v0.8.27 and v0.10.29 fix OpenSSL CVE-2014-0224 and a V8 UTF-8 encoding issue allowing unmatched surrogate pairs. Invalid UTF-8 now gets replaced with U+FFFD. Setting NODE_INVALID_UTF8 preserves old behavior. The change breaks WebSocket RFC compliance, potentially enabling denial of service attacks via socket.io reconnection loops.

Level

Hype check

Tap to vote and see what everyone thinks.

#node.js #openssl #security

Best read upright.

Node Fixes OpenSSL and UTF-8 Encoding Bug

More to chew on!

More to chew on!