- Fixed high‑severity use‑after‑free bug in TLSWrap (CVE‑2020‑8265) preventing potential DoS or memory corruption.
- Patched low‑severity HTTP request smuggling issue (CVE‑2020‑8287) by handling duplicate Transfer‑Encoding headers.
- Added tests and code adjustments: test for transfer‑encoding smuggling, unset F_CHUNKED on new Transfer‑Encoding, retained WriteWrap/ShutdownWrap pointers.