Blog: v15.5.0 release post CVE note (#3622)

Refs: nodejs/node#36798
nodejs · Jan 6, 2021 · 005df79 · 005df79
1 parent d39b1db
commit 005df79
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/locale/en/blog/release/v15.5.0.md b/locale/en/blog/release/v15.5.0.md
@@ -10,6 +10,12 @@ author: Michaël Zasso
 
 ### Notable Changes
 
+#### OpenSSL-1.1.1i
+
+OpenSSL-1.1.1i contains a fix for CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High). This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt
+
+Contributed by Myles Borins [#36520](https://github.com/nodejs/node/pull/36520).
+
 #### Extended support for `AbortSignal` in child_process and stream
 
 The following APIs now support an `AbortSignal` in their options object: