2014.12.17, Version 0.10.34 (Stable)

* uv: update to v0.10.30

* zlib: upgrade to v1.2.8

* child_process: check execFile args is an array (Sam Roberts)

* child_process: check fork args is an array (Sam Roberts)

* crypto: update root certificates (Ben Noordhuis)

* domains: fix issues with abort on uncaught (Julien Gilli)

* timers: Avoid linear scan in _unrefActive. (Julien Gilli)

* timers: fix unref() memory leak (Trevor Norris)

* v8: add api for aborting on uncaught exception (Julien Gilli)

* debugger: fix when using "use strict" (Julien Gilli)

2014.10.20, Version 0.10.33 (Stable)

* openssl: Update to 1.0.1j (Addressing multiple CVEs)

* uv: Update to v0.10.29

* child_process: properly support optional args (cjihrig)

* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny,
Timothy J Fontaine, Alexis Campailla)

This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.

This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.

2014.09.24, Version 0.11.14 (Unstable)

* uv: Upgrade to v1.0.0-rc1

* http_parser: Upgrade to v2.3.0

* npm: Upgrade to v2.0.0

* openssl: Upgrade to v1.0.1i

* v8: Upgrade to 3.26.33

* Add fast path for simple URL parsing (Gabriel Wicke)

* Added support for options parameter in console.dir() (Xavi Magrinyà)

* Cluster: fix shared handles on Windows (Alexis Campailla)

* buffer: Fix incorrect Buffer.compare behavior (Feross Aboukhadijeh)

* buffer: construct new buffer from buffer toJSON() output (cjihrig)

* buffer: improve Buffer constructor (Kang-Hao Kenny)

* build: linking CoreFoundation framework for OSX (Thorsten Lorenz)

* child_process: accept uid/gid everywhere (Fedor Indutny)

* child_process: add path to spawn ENOENT Error (Ryan Cole)

* child_process: copy spawnSync() cwd option to proper buffer (cjihrig)

* child_process: do not access stderr when stdio set to 'ignore' (cjihrig)

* child_process: don't throw on EAGAIN (Charles)

* child_process: don't throw on EMFILE/ENFILE (Ben Noordhuis)

* child_process: use full path for cmd.exe on Win32 (Ed Morley)

* cluster: allow multiple calls to setupMaster() (Ryan Graham)

* cluster: centralize removal from workers list. (Julien Gilli)

* cluster: enable error/message events using .worker (cjihrig)

* cluster: include settings object in 'setup' event (Ryan Graham)

* cluster: restore v0.10.x setupMaster() behaviour (Ryan Graham)

* cluster: support options in Worker constructor (cjihrig)

* cluster: test events emit on cluster.worker (Sam Roberts)

* console: console.dir() accepts options object (Xavi Magrinyà)

* crypto: add `honorCipherOrder` argument (Fedor Indutny)

* crypto: allow padding in RSA methods (Fedor Indutny)

* crypto: clarify RandomBytes() error msg (Mickael van der Beek)

* crypto: never store pointer to conn in SSL_CTX (Fedor Indutny)

* crypto: unsigned value can't be negative (Brian White)

* dgram: remove new keyword from errnoException (Jackson Tian)

* dns: always set variable family in lookup() (cjihrig)

* dns: include host name in error message if available (Maciej Małecki)

* dns: introduce lookupService function (Saúl Ibarra Corretgé)

* dns: send lookup c-ares errors to callback (Chris Dickinson)

* dns: throw if hostname is not string or falsey (cjihrig)

* events: Output the event that is leaking (Arnout Kazemier)

* fs: close file if fstat() fails in readFile() (cjihrig)

* fs: fs.readFile should not throw uncaughtException (Jackson Tian)

* http: add 308 status_code, see RFC7238 (Yazhong Liu)

* http: don't default OPTIONS to chunked encoding (Nick Muerdter)

* http: fix bailout for writeHead (Alex Kocharin)

* http: remove unused code block (Fedor Indutny)

* http: write() after end() emits an error. (Julien Gilli)

* lib, src: add vm.runInDebugContext() (Ben Noordhuis)

* lib: noisy deprecation of child_process customFds (Ryan Graham)

* module: don't require fs several times (Robert Kowalski)

* net,dgram: workers can listen on exclusive ports (cjihrig)

* net,stream: add isPaused, don't read() when paused (Chris Dickinson)

* net: Ensure consistent binding to IPV6 if address is absent (Raymond Feng)

* net: add remoteFamily for socket (Jackson Tian)

* net: don't emit listening if handle is closed (Eli Skeggs)

* net: don't prefer IPv4 addresses during resolution (cjihrig)

* net: don't throw on net.Server.close() (cjihrig)

* net: reset `errorEmitted` on reconnect (Ed Umansky)

* node: set names for prototype methods (Trevor Norris)

* node: support v8 microtask queue (Vladimir Kurchatkin)

* path: fix slice OOB in trim (Lucio M. Tato)

* path: isAbsolute() should always return boolean (Herman Lee)

* process: throw TypeError if kill pid not a number (Sam Roberts)

* querystring: custom encode and decode (fengmk2)

* querystring: do not add sep for empty array (cjihrig)

* querystring: remove prepended ? from query field (Ezequiel Rabinovich)

* readline: fix close event of readline.Interface() (Yazhong Liu)

* readline: fixes scoping bug (Dan Kaplun)

* readline: implements keypress buffering (Dan Kaplun)

* repl: fix multi-line input (Fedor Indutny)

* repl: fix overwrite for this._prompt (Yazhong Liu)

* repl: proper `setPrompt()` and `multiline` support (Fedor Indutny)

* stream: don't try to finish if buffer is not empty (Vladimir Kurchatkin)

* stream: only end reading on null, not undefined (Jonathan Reem)

* streams: set default hwm properly for Duplex (Andrew Oppenlander)

* string_bytes: ucs2 support big endian (Andrew Low)

* tls, crypto: add DHE support (Shigeki Ohtsu)

* tls: `checkServerIdentity` option (Trevor Livingston)

* tls: add DHE-RSA-AES128-SHA256 to the def ciphers (Shigeki Ohtsu)

* tls: better error reporting at cert validation (Fedor Indutny)

* tls: support multiple keys/certs (Fedor Indutny)

* tls: throw an error, not string (Jackson Tian)

* udp: make it possible to receive empty udp packets (Andrius Bentkus)

* url: treat  the same as / (isaacs)

2014.09.16, Version 0.10.32 (Stable)

* npm: Update to 1.4.28

* v8: fix a crash introduced by previous release (Fedor Indutny)

* configure: add --openssl-no-asm flag (Fedor Indutny)

* crypto: use domains for any callback-taking method (Chris Dickinson)

* http: do not send `0rnrn` in TE HEAD responses (Fedor Indutny)

* querystring: fix unescape override (Tristan Berger)

* url: Add support for RFC 3490 separators (Mathias Bynens)

2014.08.19, Version 0.10.31 (Stable)

* v8: backport CVE-2013-6668

* openssl: Update to v1.0.1i

* npm: Update to v1.4.23

* cluster: disconnect should not be synchronous (Sam Roberts)

* fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)

* stream: fix Readable.wrap objectMode falsy values (James Halliday)

* timers: fix timers with non-integer delay hanging. (Julien Gilli)

2014.07.31, Version 0.8.28 (maintenance)

* v8: Interrupts must not mask stack overflow. (Fedor Indutny)

2014.07.31, Version 0.10.30 (Stable)

* uv: Upgrade to v0.10.28

* npm: Upgrade to v1.4.21

* v8: Interrupts must not mask stack overflow.

* Revert "stream: start old-mode read in a next tick" (Fedor Indutny)

* buffer: fix sign overflow in `readUIn32BE` (Fedor Indutny)

* buffer: improve {read,write}{U}Int* methods (Nick Apperson)

* child_process: handle writeUtf8String error (Fedor Indutny)

* deps: backport 4ed5fde4f from v8 upstream (Fedor Indutny)

* deps: cherry-pick eca441b2 from OpenSSL (Fedor Indutny)

* lib: remove and restructure calls to isNaN() (cjihrig)

* module: eliminate double `getenv()` (Maciej Małecki)

* stream2: flush extant data on read of ended stream (Chris Dickinson)

* streams: remove unused require('assert') (Rod Vagg)

* timers: backport f8193ab (Julien Gilli)

* util.h: interface compatibility (Oguz Bastemur)

* zlib: do not crash on write after close (Fedor Indutny)

2014.06.09, Version 0.8.27 (maintenance)

* openssl: update to 1.0.0m (CVE-2014-0224)

* utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendörfer)
  - *NOTE* this introduces a breaking change, previously you could construct
invalid UTF-8 and invoke an error in a client that was expecting valid
UTF-8, now unmatched surrogate pairs are replaced with the unknown UTF-8
character. To restore the old functionality simply have NODE_INVALID_UTF8
environment variable set.

* tls: fix pool usage race (Fedor Indutny)

* fs: close file if fstat() fails in readFile() (cjihrig)

2014.06.05, Version 0.10.29 (Stable)

* openssl: to 1.0.1h (CVE-2014-0224)

* npm: upgrade to 1.4.10

* utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendörfer)
  - *NOTE* this introduces a breaking change, previously you could construct
invalid UTF-8 and invoke an error in a client that was expecting valid
UTF-8, now unmatched surrogate pairs are replaced with the unknown UTF-8
character. To restore the old functionality simply have NODE_INVALID_UTF8
environment variable set.

* child_process: do not set args before throwing (Greg Sabia Tucker)

* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)

* constants: export O_NONBLOCK (Fedor Indutny)

* crypto: improve memory usage (Alexis Campailla)

* fs: close file if fstat() fails in readFile() (cjihrig)

* lib: name EventEmitter prototype methods (Ben Noordhuis)

* tls: fix performance issue (Alexis Campailla)

2014.05.01, Version 0.11.13 (Unstable)

* v8: upgrade to 3.24.35.22

* buffer: add compare and equals methods (Sean McArthur)

* buffer: improve {read,write}{U}Int* methods (Nick Apperson)

* buffer: return uint if MSB is 1 in readUInt32 (goussardg)

* buffer: truncate buffer after string decode (Fedor Indutny)

* child_process: fix assertion error in spawnSync (Shigeki Ohtsu)

* crypto: fix memory leak in CipherBase::Final (Fedor Indutny)

* crypto: improve error messages (Ingmar Runge)

* crypto: move `createCredentials` to tls (Fedor Indutny)

* crypto: work around OpenSSL oddness (Fedor Indutny)

* dgram: introduce `reuseAddr` option (Fedor Indutny)

* domain: don't crash on "throw null" (Alex Kocharin)

* events: check if _events is an own property (Vladimir Kurchatkin)

* fs: improve performance of all stat functions (James Pickard)

* fs: return blksize on stats object (Trevor Norris)

* http: add request.flush() method (Ben Noordhuis)

* http: better client "protocol not supported" error (Nathan Rajlich)

* http: use defaultAgent.protocol in protocol check (Nathan Rajlich)

* main: Handle SIGINT properly. (Geir Hauge)

* net: bind to `::` TCP address by default (Fedor Indutny)

* readline: consider newlines for cursor position (Yazhong Liu)

* stream: split `objectMode` for Duplex (Vladimir Kurchatkin)

* tls: `getPeerCertificate(detailed)` (Fedor Indutny)

* tls: do not call SNICallback unless present (Fedor Indutny)

* tls: force readable/writable to `true` (Fedor Indutny)

* tls: support OCSP on client and server (Fedor Indutny)

* util: made util.isArray a direct alias for Array.isArray (Evan Carroll)

2014.05.01, Version 0.10.28 (Stable)

* npm: upgrade to v1.4.9

2014.05.01, Version 0.10.27 (Stable)

* npm: upgrade to v1.4.8

* openssl: upgrade to 1.0.1g

* uv: update to v0.10.27

* dns: fix certain txt entries (Fedor Indutny)

* assert: Ensure reflexivity of deepEqual (Mike Pennisi)

* child_process: fix deadlock when sending handles (Fedor Indutny)

* child_process: fix sending handle twice (Fedor Indutny)

* crypto: do not lowercase cipher/hash names (Fedor Indutny)

* dtrace: workaround linker bug on FreeBSD (Fedor Indutny)

* http: do not emit EOF non-readable socket (Fedor Indutny)

* http: invoke createConnection when no agent (Nathan Rajlich)

* stream: remove useless check (Brian White)

* timer: don't reschedule timer bucket in a domain (Greg Brail)

* url: treat  the same as / (isaacs)

* util: format as Error if instanceof Error (Rod Vagg)

2014.03.11, Version 0.11.12 (Unstable)

* uv: Upgrade to v0.11.22 (Timothy J Fontaine)

* buffer: allow toString to accept Infinity for end (Brian White)

* child_process: add spawnSync/execSync (Bert Belder, Timothy J Fontaine)

* cluster: handle bind errors on Windows (Alexis Campailla)

* contextify: handle infinite recursion errors (Fedor Indutny)

* crypto: allow custom generator for DiffieHellman (Brian White)

* crypto: allow setting add'l authenticated data (Brian White)

* crypto: fix CipherFinal return value check (Brian White)

* crypto: make NewSessionDoneCb public (Fedor Indutny)

* dgram: pass the bytes sent to the send callback (Timothy J Fontaine)

* dns: validate arguments in resolver (Kenan Sulayman)

* dns: verify argument is valid function in resolve (Kenan Sulayman)

* http: avoid duplicate keys in writeHead (David Björklund)

* net: add localPort to connect options (Timothy J Fontaine)

* node: do not print SyntaxError hints to stderr (Fedor Indutny)

* node: invoke `beforeExit` again if loop was active (Fedor Indutny)

* node: make AsyncListenerInst field more explicit (Trevor Norris)

* os: networkInterfaces include scopeid for ipv6 (Xidorn Quan)

* process: allow changing `exitCode` in `on('exit')` (Fedor Indutny)

* readline: fix `line` event, if input emit 'end' (Yazhong Liu)

* src: add tracing.v8.on('gc') statistics hooks (Ben Noordhuis)

* src: add v8.getHeapStatistics() function (Ben Noordhuis)

* src: emit 'beforeExit' event on process object (Ben Noordhuis)

* src: move AsyncListener from process to tracing (Trevor Norris)

* tls: fix crash in SNICallback (Fedor Indutny)

* tls: introduce asynchronous `newSession` (Fedor Indutny)

* util: show meaningful values for boxed primitives (Nathan Rajlich)

* vm: don't copy Proxy object from parent context (Ben Noordhuis)

* windows: make stdout/sterr pipes blocking (Alexis Campailla)

* zlib: add sync versions for convenience methods (Nikolai Vavilov)

2014.02.18, Version 0.10.26 (Stable)

* uv: Upgrade to v0.10.25 (Timothy J Fontaine)

* npm: upgrade to 1.4.3 (isaacs)

* v8: support compiling with VS2013 (Fedor Indutny)

* cares: backport TXT parsing fix (Fedor Indutny)

* crypto: throw on SignFinal failure (Fedor Indutny)

* crypto: update root certificates (Ben Noordhuis)

* debugger: Fix breakpoint not showing after restart (Farid Neshat)

* fs: make unwatchFile() insensitive to path (iamdoron)

* net: do not re-emit stream errors (Fedor Indutny)

* net: make Socket destroy() re-entrance safe (Jun Ma)

* net: reset `endEmitted` on reconnect (Fedor Indutny)

* node: do not close stdio implicitly (Fedor Indutny)

* zlib: avoid assertion in close (Fedor Indutny)

2014.01.29, Version 0.11.11 (Unstable)

* v8: Upgrade to 3.22.24.19

* http_parser: Upgrade to 2.2.1

* openssl: Upgrade to 1.0.1f

* uv: Upgrade to 0.11.18

* async-listener: revamp of subsystem (Trevor Norris)

* node: do not ever close stdio (Fedor Indutny)

* http: use writev on chunked encoding (Trevor Norris)

* async_wrap/timers: remove Add/RemoveAsyncListener (Trevor Norris)

* child_process: better error reporting for exec (Fedor Indutny)

* crypto: add newline to cert and key if not present (Fedor Indutny)

* crypto: clear error in GetPeerCertificate (Fedor Indutny)

* crypto: honor default ciphers in client mode (Jacob Hoffman-Andrews)

* crypto: introduce .setEngine(engine, [flags]) (Fedor Indutny)

* crypto: support custom pbkdf2 digest methods (Ben Noordhuis)

* domain: fix off-by-one in Domain.exit() (Ryan Graham)

* http: concatenate duplicate headers by default (Alex Kocharin)

* http: do not emit EOF non-readable socket (Fedor Indutny)

* node: fix argument parsing with -p arg (Alexis Campailla)

* path: improve POSIX path.join() performance (Jo Liss)

* tls: emit `clientError` on early socket close (Fedor Indutny)

* tls: introduce `.setMaxSendFragment(size)` (Fedor Indutny)

* tls: make cert/pfx optional in tls.createServer() (Ben Noordhuis)

* tls: process accumulated input (Fedor Indutny)

* tls: show human-readable error messages (Ben Noordhuis)

* util: handle escaped forward slashes correctly (Tom Gallacher)

2014.01.23, Version 0.10.25 (Stable)

* uv: Upgrade to v0.10.23

* npm: Upgrade to v1.3.24

* v8: Fix enumeration for objects with lots of properties

* child_process: fix spawn() optional arguments (Sam Roberts)

* cluster: report more errors to workers (Fedor Indutny)

* domains: exit() only affects active domains (Ryan Graham)

* src: OnFatalError handler must abort() (Timothy J Fontaine)

* stream: writes may return false but forget to emit drain (Yang Tianyang)

2013.12.31, Version 0.11.10 (Unstable)

* http_parser: update to 2.2

* uv: Upgrade to v0.11.17

* v8: Upgrade to 3.22.24.10

* buffer: optimize writeInt* methods (Paul Loyd)

* child_process: better error handling (Alexis Campailla)

* cluster: do not synchronously emit 'setup' event (Sam Roberts)

* cluster: restore backwards compatibility and various fixes (Sam Roberts)

* crypto: remove unnecessary OpenSSL_add_all_digests (Yorkie)

* crypto: support GCM authenticated encryption mode. (Ingmar Runge)

* dns: add resolveSoa and 'SOA' rrtype (Tuğrul Topuz)

* events: move EE c'tor guts to EventEmitter.init (Bert Belder)

* http: DELETE shouldn't default to chunked encoding (Lalit Kapoor)

* http: parse the status message in a http response. (Cam Swords)

* node: fix removing AsyncListener in callback (Vladimir Kurchatkin)

* node: follow specification, zero-fill ArrayBuffers (Trevor Norris)

* openssl: use ASM optimized routines (Fedor Indutny)

* process: allow nextTick infinite recursion (Trevor Norris)

* querystring: remove `name` from `stringify()` (Yorkie)

* timers: setImmediate v8 optimization fix (pflannery)

* tls: add serialNumber to getPeerCertificate() (Ben Noordhuis)

* tls: reintroduce socket.encrypted (Fedor Indutny)

* tls: fix handling of asterisk in SNI context (Fedor Indutny)

* util: Format negative zero as '-0' (David Chan)

* vm: fix race condition in timeout (Alexis Campailla)

* windows: fix dns lookup of localhost with ipv6 (Alexis Campailla)

2013.12.18, Version 0.10.24 (Stable)

* uv: Upgrade to v0.10.21

* npm: upgrade to 1.3.21

* v8: backport fix for CVE-2013-{6639|6640}

* build: unix install node and dep library headers (Timothy J Fontaine)

* cluster, v8: fix --logfile=%p.log (Ben Noordhuis)

* module: only cache package main (Wyatt Preul)

2013.12.12, Version 0.10.23 (Stable)

* uv: Upgrade to v0.10.20 (Timothy J Fontaine)

* npm: Upgrade to 1.3.17 (isaacs)

* gyp: update to 78b26f7 (Timothy J Fontaine)

* build: include postmortem symbols on linux (Timothy J Fontaine)

* crypto: Make Decipher._flush() emit errors. (Kai Groner)

* dgram: fix abort when getting `fd` of closed dgram (Fedor Indutny)

* events: do not accept NaN in setMaxListeners (Fedor Indutny)

* events: avoid calling `once` functions twice (Tim Wood)

* events: fix TypeError in removeAllListeners (Jeremy Martin)

* fs: report correct path when EEXIST (Fedor Indutny)

* process: enforce allowed signals for kill (Sam Roberts)

* tls: emit 'end' on .receivedShutdown (Fedor Indutny)

* tls: fix potential data corruption (Fedor Indutny)

* tls: handle `ssl.start()` errors appropriately (Fedor Indutny)

* tls: reset NPN callbacks after SNI (Fedor Indutny)

2013.11.20, Version 0.11.9 (Unstable)

* uv: upgrade to v0.11.15 (Timothy J Fontaine)

* v8: upgrade to 3.22.24.5 (Timothy J Fontaine)

* buffer: remove warning when no encoding is passed (Trevor Norris)

* build: make v8 use random seed for hash tables (Ben Noordhuis)

* crypto: build with shared openssl without NPN (Ben Noordhuis)

* crypto: update root certificates (Ben Noordhuis)

* debugger: pass on v8 debug switches (Ben Noordhuis)

* domain: use AsyncListener API (Trevor Norris)

* fs: add recursive subdirectory support to fs.watch (Nick Simmons)

* fs: make fs.watch() non-recursive by default (Ben Noordhuis)

* http: cleanup freeSockets when socket destroyed (fengmk2)

* http: force socket encoding to be null (isaacs)

* http: make DELETE requests set `req.method` (Nathan Rajlich)

* node: add AsyncListener support (Trevor Norris)

* src: remove global HandleScope that hid memory leaks (Ben Noordhuis)

* tls: add ECDH ciphers support (Erik Dubbelboer)

* tls: do not default to 'localhost' servername (Fedor Indutny)

* tls: more accurate wrapping of connecting socket (Fedor Indutny)