nodejs · SEWeiTung · Sep 16, 2019 · Sep 8, 2019
diff --git a/locale/en/blog/release/v0.10.0.md b/locale/en/blog/release/v0.10.0.md
@@ -317,7 +317,9 @@ versions of Node.  This is a remarkably effective way to do node-core
 development.  Future developments will continue to be iterated in
 userland modules.
 
-## Growing Up <a name="enterprise"></a>
+<a id="enterprise"></a>
+
+## Growing Up
 
 The question comes up pretty often whether Node is "ready for prime
 time" yet.  I usually answer that it depends on your requirements for

diff --git a/locale/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md b/locale/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md
@@ -98,7 +98,7 @@ Previous releases of OpenSSL (since Node.js v0.10.39, v0.12.5, v4.0.0 and v5.0.0
 
 The new OpenSSL release, for all Node.js lines, increases this to 1024-bits. The change only impacts TLS clients connecting to servers with weak DH parameter lengths.
 
-<a name="_-update-29-jan-2016-_-openssl-impact-assessment"></a>
+<a id="_-update-29-jan-2016-_-openssl-impact-assessment"></a>
 
 ## _(Update 30-Jan-2016)_ Release postponement
 

diff --git a/locale/en/blog/vulnerability/openssl-november-2017.md b/locale/en/blog/vulnerability/openssl-november-2017.md
@@ -57,7 +57,8 @@ Our active release lines are:
 
 We will include an update here once all releases are made available.
 
-<a name="original_post"></a>
+<a id="original_post"></a>
+
 ***Original post is included below***
 
 ---

diff --git a/locale/en/blog/vulnerability/september-2016-security-releases.md b/locale/en/blog/vulnerability/september-2016-security-releases.md
@@ -102,7 +102,7 @@ Full disclosure of fixed vulnerabilities will be provided after all releases are
 
 The OpenSSL project has [announced](https://www.openssl.org/news/secadv/20160922.txt) the general availability of versions [1.0.2i](https://www.openssl.org/news/openssl-1.0.2-notes.html) (to be included in Node.js v4 and above) and [1.0.1u](https://www.openssl.org/news/openssl-1.0.1-notes.html) (to be included in Node.js v0.10 and v0.12). Our crypto team (Shigeki Ohtsu, Fedor Indutny, and Ben Noordhuis) have performed an analysis of the defects addressed in the OpenSSL releases to determine their impact on Node.js. The results of this analysis are included below.
 
-<a name="CVE-2016-6304"></a>
+<a id="CVE-2016-6304"></a>
 
 ### [CVE-2016-6304](https://www.openssl.org/news/vulnerabilities.html#2016-6304): OCSP Status Request extension unbounded memory growth
 
@@ -112,7 +112,7 @@ This flaw is labelled _high_ severity due to the ease of use for a DoS attack an
 
 **Assessment**: All versions of Node.js are **affected** by this vulnerability.
 
-<a name="CVE-2016-6305"></a>
+<a id="CVE-2016-6305"></a>
 
 ### [CVE-2016-6305](https://www.openssl.org/news/vulnerabilities.html#2016-6305): SSL_peek() hang on empty record
 
@@ -122,7 +122,7 @@ Node.js is not yet dependent on OpenSSL 1.1.0 so it is not impacted by this flaw
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2183"></a>
+<a id="CVE-2016-2183"></a>
 
 ### [CVE-2016-2183](https://www.openssl.org/news/vulnerabilities.html#2016-2183): SWEET32 Mitigation
 
@@ -132,7 +132,7 @@ As mitigation, OpenSSL has moved DES-based ciphers from the `HIGH` to `MEDIUM` g
 
 **Assessment**: All versions of Node.js are **affected** by this vulnerability.
 
-<a name="CVE-2016-6303"></a>
+<a id="CVE-2016-6303"></a>
 
 ### [CVE-2016-6303](https://www.openssl.org/news/vulnerabilities.html#2016-6303): OOB write in MDC2_Update()
 
@@ -142,7 +142,7 @@ Node.js is impacted by this flaw but due to the impracticalities of exploiting i
 
 **Assessment**: All versions of Node.js are **affected** by this vulnerability.
 
-<a name="CVE-2016-6302"></a>
+<a id="CVE-2016-6302"></a>
 
 ### [CVE-2016-6302](https://www.openssl.org/news/vulnerabilities.html#2016-6302): Malformed SHA512 ticket DoS
 
@@ -152,15 +152,15 @@ Node.js does not use SHA512 for session tickets and is therefore not impacted by
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2182"></a>
+<a id="CVE-2016-2182"></a>
 
 ### [CVE-2016-2182](https://www.openssl.org/news/vulnerabilities.html#2016-2182): OOB write in BN_bn2dec()
 
 An out of bounds (OOB) write can occur in `BN_bn2dec()` if an application uses this function with an overly large `BIGNUM`. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2180"></a>
+<a id="CVE-2016-2180"></a>
 
 ### [CVE-2016-2180](https://www.openssl.org/news/vulnerabilities.html#2016-2180): OOB read in TS_OBJ_print_bio()
 
@@ -170,7 +170,7 @@ Node.js does not make use of the Time Stamp Authority functionality in OpenSSL a
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2177"></a>
+<a id="CVE-2016-2177"></a>
 
 ### [CVE-2016-2177](https://www.openssl.org/news/vulnerabilities.html#2016-2177): Pointer arithmetic undefined behaviour
 
@@ -180,7 +180,7 @@ It is unlikely that Node.js users are directly impacted by this.
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2178"></a>
+<a id="CVE-2016-2178"></a>
 
 ### [CVE-2016-2178](https://www.openssl.org/news/vulnerabilities.html#2016-2178): Constant time flag not preserved in DSA signing
 
@@ -190,7 +190,7 @@ This is _very low_ severity for Node.js users due to the difficulty in taking ad
 
 **Assessment**: All versions of Node.js are **affected** by this vulnerability.
 
-<a name="CVE-2016-2179"></a>
+<a id="CVE-2016-2179"></a>
 
 ### [CVE-2016-2179](https://www.openssl.org/news/vulnerabilities.html#2016-2179): DTLS buffered message DoS
 
@@ -200,7 +200,7 @@ As Node.js does not support DTLS, users are not impacted by this flaw.
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-2179"></a>
+<a id="CVE-2016-2179-1"></a>
 
 ### [CVE-2016-2179](https://www.openssl.org/news/vulnerabilities.html#2016-2179): DTLS replay protection DoS
 
@@ -210,7 +210,7 @@ As Node.js does not support DTLS, users are not impacted by this flaw.
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-6306"></a>
+<a id="CVE-2016-6306"></a>
 
 ### [CVE-2016-6306](https://www.openssl.org/news/vulnerabilities.html#2016-6306): Certificate message OOB reads
 
@@ -220,7 +220,7 @@ Node.js is impacted by this _low_ severity flaw.
 
 **Assessment**: All versions of Node.js are **affected** by this vulnerability.
 
-<a name="CVE-2016-6307"></a>
+<a id="CVE-2016-6307"></a>
 
 ### [CVE-2016-6307](https://www.openssl.org/news/vulnerabilities.html#2016-6307): Excessive allocation of memory in tls_get_message_header()
 
@@ -230,7 +230,7 @@ Node.js is not yet dependent on OpenSSL 1.1.0 so it is not impacted by this flaw
 
 **Assessment**: All versions of Node.js are believed to be **unaffected** by this vulnerability.
 
-<a name="CVE-2016-6308"></a>
+<a id="CVE-2016-6308"></a>
 
 ### [CVE-2016-6308](https://www.openssl.org/news/vulnerabilities.html#2016-6308): Excessive allocation of memory in dtls1_preprocess_fragment()