January 8
Node API runtime v1.2.15
Security patches
- CWE-1333
December 27, 2023
Node API runtime v1.2.12
Fixes
- Removes write access to unnecessary paths
- Prevents Node Qualified paths from bypassing the deny/shim logic in the require wall.
- Removes access to the ‘module’ module
December 6, 2023
Node API runtime v1.2.5
Fixes
- When running in K8 mode, unhealthy Runtimes now exit if they cannot reach SJM's 'Job' Endpoint.
- Upgrade base Ubuntu image.
Security patches
- CVE-2023-43646
- CVE-2023-28155
August 21, 2023
Node API runtime v1.1.52
Security Patches
- CVE-2022-25883
- CVE-2023-26136
July 27, 2023
Node API runtime v1.1.50
New Feature
- Customers will now see transaction traces and abuse header as part of requests initiated by
$http
June 23, 2023
Node API runtime v1.1.47
Fixes
- Fixed proxy authentication errors caused by special characters encoding in proxy url and password.
Security Patches
- CVE-2023-2968
April 27, 2023
Node API runtime v1.1.40
Fixes
- Upgrades undici version to remediate CVE-2023-24807, CVE-2023-23936
- Upgrades http-cache-semantics version to remediate CVE-2022-25881
March 6, 2023
Node API runtime v1.1.38
Fixes
- Users can now use
$network.setProxyor$network.setProxyForHttpto set proxies for http endpoints
Improvements
- Allows users to set configurable timeouts for heavy monitors
February 28, 2023
Node API runtime v1.1.35
No changes.
February 2, 2023
Node API runtime v1.1.33
Improvements
- Updated packages to remediate CVE-2021-44906, CVE-2021-3765, CVE-2022-33987.