Skip to content

2024-04-03, Version 21.7.2 (Current), @RafaelGSS prepared by @marco-ippolito

Compare
Choose a tag to compare
@RafaelGSS RafaelGSS released this 03 Apr 14:26
· 3191 commits to main since this release
v21.7.2

This is a security release.

Notable changes

  • CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
  • CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium)
  • llhttp version 9.2.1
  • undici version 6.11.1

Commits