blog: announce no impact from openssl release

sam-github · Trott · commit 0a492c4d812d · 2020-04-23T07:55:27.000-07:00
diff --git a/build.js b/build.js
@@ -272,7 +272,7 @@ function getSource (callback) {
           lts: latestVersion.lts(versions)
         },
         banner: {
-          visible: true,
+          visible: false,
           text: 'Security releases may be necessary for all release lines',
           link: '/en/blog/vulnerability/april-2020-openssl-updates/'
         }
diff --git a/locale/en/blog/vulnerability/april-2020-openssl-updates.md b/locale/en/blog/vulnerability/april-2020-openssl-updates.md
@@ -1,12 +1,25 @@
 ---
-date: 2020-04-17T12:00:00.000Z
+date: 2020-04-21T12:00:00.000Z
 category: vulnerability
-title: OpenSSL security releases may require Node.js security releases
+title: OpenSSL security releases do not require Node.js security releases
 slug: openssl-and-low-severity-fixes-april-2020
 layout: blog-post.hbs
 author: Sam Roberts
 ---
 
+### Update
+
+The OpenSSL project has released a description of the issue fixed in the
+OpenSSL 1.1.1g update. It only affects a function which is *not called*
+by Node.js (or its dependencies), and as such, does not affect Node.js.
+
+No Node.js security releases are required.
+
+For more information, see the OpenSSL
+[announcement](https://www.openssl.org/news/secadv/20200421.txt).
+
+The previous Node.js announcement can be found below.
+
 ### Summary
 
 The Node.js project may be releasing new versions across all of its supported

Original file line number	Diff line number	Diff line change
`@@ -272,7 +272,7 @@ function getSource (callback) {`
`272`	`272`	`lts: latestVersion.lts(versions)`
`273`	`273`	`},`
`274`	`274`	`banner: {`
`275`		`- visible: true,`
	`275`	`+ visible: false,`
`276`	`276`	`text: 'Security releases may be necessary for all release lines',`
`277`	`277`	`link: '/en/blog/vulnerability/april-2020-openssl-updates/'`
`278`	`278`	`}`