Node v5.7.1 发布了,以下是更新记录: governance: The Core Technical Committee (CTC)
added four new members to help guide Node.js core development: Evan
Lucas, Rich Trott, Ali Ijaz Sheikh and Сковорода Никита Андреевич
(Nikita Skovoroda). openssl: Upgrade from 1.0.2f to 1.0.2g (Ben Noordhuis) #5507. Fix a double-free defect in parsing malformed DSA keys that may
potentially be used for DoS or memory corruption attacks. It is likely
to be very difficult to use this defect for a practical attack and is
therefore considered low severity for Node.js users. More info is
available at CVE-2016-0705. Fix a defect that can cause memory corruption in certain very rare cases relating to the internal BN_hex2bn() and BN_dec2bn()
functions. It is believed that Node.js is not invoking the code paths
that use these functions so practical attacks via Node.js using this
defect are unlikely to be possible. More info is available at CVE-2016-0797. Fix a defect that makes the CacheBleed Attack
possible. This defect enables attackers to execute side-channel attacks
leading to the potential recovery of entire RSA private keys. It only
affects the Intel Sandy Bridge (and possibly older) microarchitecture
when using hyper-threading. Newer microarchitectures, including Haswell,
are unaffected. More info is available at CVE-2016-0702.
Fixed several regressions that appeared in v5.7.0: Output is no longer unnecessarily verbose (Brian White) #5389. Resolving UNC paths on Windows now works correctly (Owen Smith) #5456. Resolving paths with prefixes now works correctly from the root directory (Owen Smith) #5490. path.relative():
url: Fixed an off-by-one error with parse() (Brian White) #5394. dgram: Now correctly handles a default address case when offset and length are specified (Matteo Collina) #5407.
详情请看:https://nodejs.org/en/blog/release/v5.7.1/#notable-changes | 
