OpenSSL forthcoming release of versions 1.0.2f, 1.0.1r

[Starefossen]

The OpenSSL project team would like to announce the forthcoming release of
OpenSSL versions 1.0.2f, 1.0.1r.

These releases will be made available on 28th January between approx. 1pm and
5pm (UTC). They will fix two security defects, one of "high" severity affecting
1.0.2 releases, and one "low" severity affecting all releases.

Please see the following page for further details of severity levels:
https://www.openssl.org/policies/secpolicy.html

Please also note that, as per our previous announcements, support for 1.0.0 and
0.9.8 releases ended on 31st December 2015 and are no longer receiving security
updates. Support for 1.0.1 will end on 31st December 2016.

Source: https://mta.openssl.org/pipermail/openssl-announce/2016-January/000058.html

Node.js is scheduled to release patches for all supported versions of Node.js by 1st of February, but there may be an emergency if-need-be release before that. See nodejs/node#4857 for additional details. The @nodejs/docker team will submit updated versions for the node Docker Image as soon as the new versions have been released. Stay tuned 💓

[tianon]

Thanks for the heads up!

[alex]

This can probably be closed at this point?

[tianon]

👍