安全更新

¥Security updates

Node.js 漏洞直接影响 Express。因此,密切关注 Node.js 漏洞 并确保你使用的是最新稳定版本的 Node.js。

¥Node.js vulnerabilities directly affect Express. Therefore, keep a watch on Node.js vulnerabilities and make sure you are using the latest stable version of Node.js.

下面的列表列举了指定版本更新中修复的 Express 漏洞。

¥The list below enumerates the Express vulnerabilities that were fixed in the specified version update.

注意:如果你认为你在 Express 中发现了安全漏洞,请参阅 安全政策和程序

¥NOTE: If you believe you have discovered a security vulnerability in Express, please see Security Policies and Procedures.

4.x {#4x}

3.x {#3x}

Express 3.x 不再维护

¥Express 3.x IS NO LONGER MAINTAINED

自上次更新(2015 年 8 月 1 日)以来,3.x 中已知和未知的安全问题尚未得到解决。使用 3.x 行不应被认为是安全的。

¥Known and unknown security issues in 3.x have not been addressed since the last update (1 August, 2015). Using the 3.x line should not be considered secure.