>Unfortunately, this means that libv8-3.14, nodejs, and the associated node-* package ecosystem should not currently be used with untrusted content, such as unsanitized data from the Internet.
Jeez. I guess this means most people will be using other node binaries in production.
https://www.debian.org/releases/stretch/amd64/release-notes/...
They don't mention the Oracle debacle, though.