Google to Fix Serious Chrome Vulnerability

The Google Chrome team strongly advises to upgrade your browser ASAP
07 March 2019   673

0day vulnerability in Chrome: Google clarified that the browser update released on March 1 contained a patch. It protects from the RCE-vulnerability, which at that moment was actively exploited by hackers.

The security hole was associated with a memory management error in the FileReader API and was reproduced in all versions of the main desktop platforms. It allowed the malefactor to execute a malicious code on the device of the victim.

The Google Chrome team strongly advises to upgrade your browser to version 72.0.3626.121.

Node.js v12.0.0 to be Rolled Out

It has giant list of updates, improvements and changes
24 April 2019   526

The release of Node.js 12.0.0, a platform for executing network applications in JavaScript, is available. Node.js 12.0 refers to branches with a long period of support, but this status will be assigned only in October, after stabilization. Updates for LTS branches are issued for 3 years. Support for the last LTS branch of Node.js 10.0 will last until April 2021, and the year before last LTS-branch 8.0 until January 2020. Support for the intermediate branch Node.js 11.0 will be discontinued in June 2019. The lifetime of the LTS branch 6.0 will end on April 30.

These are some of the large list of updates and new staff:

  • V8 engine was updated to version 7.4 with support for asynchronous stack traces, increasing await performance, parsing JavaScript and calls when the actual and declared number of arguments does not match;
  • TLS 1.3 is now¬†supported in the tls module and TLS 1.0 / 1.1 is shutdown by default;
  • Enhancing protection and checks on the size of allocated memory in the Buffer class;

Get more info at official website.