Node Vulnerability in < 4.8.4, Meteor < 1.5.1

Apologies if somebody already mentioned this and I didn’t see the post, but Node’s recently announced and patched a denial-of-service vulnerability:

It looks like @benjamn updated meteor 1.5.1 to use the fixed version of node (4.8.4), but I thought I’d mention it in case folks like me have old apps in production and hadn’t noticed the change.

EDIT: as noted in this github issue:
EDIT: you’ll have to meteor update --release 1.5.1


Any near-term plans to get the latest Meteor 1.4x updated to Node 4.8.4?

You can use that version of Node to run your app in production, since the Meteor release doesn’t control that!