September 2016 - Node.js Security Release Summary
On September 17th, Node.js announced planned updates to all active release lines, which include v0.10, v0.12, v4 and v6, to fix three Node.js-specific security flaws and five OpenSSL vulnerabilities that affected all Node.js versions.
Today, Node.js has released v0.10.47 (Maintenance), v0.12.16 (Maintenance), v4.6.0 "Argon" (LTS) and v6.7.0 (Stable) with fixes for the announced vulnerabilities and updated OpenSSL versions.
Note that the semver minor of the Node.js v4 "Argon" (LTS) release line has moved from v4.5.x to v4.6.x due to the security fixes enclosed. There will be no further updates to the v4.5.x release line. Users are advised to upgrade to v4.6.0 as soon as possible.
To help you understand the impact the fixed vulnerabilities have on your Node.js deployment, and how urgent the upgrade is for your circumstances, we provide details below.
Node.js has released a security update to all currently maintained branches. This is an important release that addresses several security issues in Node.js and its dependencies, namely OpenSSL.
CVE-2016-7099 - Wildcard certificates not properly validated
Fix an invalid wildcard certificate validation check, whereby a TLS server may be able to serve an invalid wildcard certificate for its hostname due to improper validation of "*." in the wildcard string.
Originally reported by Alexander Minozhenko and James Bunton (Atlassian). Patched by Ben Noordhuis.
- Versions 0.10.x of Node.js are vulnerable. Please upgrade to Node.js v0.10.47.
- Versions 0.12.x of Node.js are vulnerable. Please upgrade to v0.12.16.
- Versions 4.x of Node.js "Argon" LTS are vulnerable. Please upgrade to v4.6.0 "Argon" (LTS).
- Versions 6.x of Node.js are vulnerable. Please upgrade to v6.7.0 (Stable).
CVE-2016-5325 - HTTP Character Validation Issue
Add proper validation for allowable characters in the reason argument in ServerResponse#writeHead(). Fixes a possible response splitting attack vector.
This patch introduces a new case where a throw may occur when configuring HTTP responses. Users should already be adopting try/catch here.
Originally reported independently by Evan Lucas and Romain Gaucher. Patched by Evan Lucas.
- Versions 0.10.x of Node.js are vulnerable. Please upgrade to Node.js v0.10.47.
- Versions 0.12.x of Node.js are vulnerable. Please upgrade to v0.12.16.
- Versions 4.x of Node.js "Argon" LTS are vulnerable. Please upgrade to v4.6.0 "Argon" (LTS).
- Versions 6.x of Node.js are vulnerable. Please upgrade to v6.7.0 (Stable).
OpenSSL CVE and Upgrade Summary
OpenSSL CVEs Affecting Node.js Releases
CVE-2016-6304: OCSP Status Request extension unbounded memory growth
A malicious client can exhaust a server's memory, resulting in a denial of service (DoS), by sending very large OCSP Status Request extensions in a single session.
This flaw is rated high severity because it is easy to use for a DoS attack, and Node.js servers using TLS are vulnerable.
Assessment: All versions of Node.js are affected by this vulnerability.
CVE-2016-2183: SWEET32 Mitigation
SWEET32 is a new attack on older block cipher algorithms that use a block size of 64 bits.
As mitigation, OpenSSL has moved DES-based ciphers from the HIGH to the MEDIUM group. As Node.js includes HIGH, but not MEDIUM, in its default suite, affected ciphers are no longer included unless a non-default suite is configured. Node's default TLS cipher suite can be found in the API documentation.
Assessment: All versions of Node.js are affected by this vulnerability.
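Because group keywords such as HIGH and MEDIUM only expand inside OpenSSL, the way to see what a configured cipher string really enables is to run `openssl ciphers -v '<your cipher string>'`. Here is an added checker (written for this summary, not part of the Node.js project or the advisory) that parses that output, flags every suite whose bulk cipher has a 64-bit block, which is the SWEET32 condition, and builds the explicit "!" exclusions to append to the string. The sample output lines are constructed in the `openssl ciphers -v` layout; a real build will print a different set.

```javascript
'use strict';

// Added example, not part of the Node.js project. It audits `openssl ciphers -v`
// output for suites backed by 64-bit block ciphers and produces cipher-string
// exclusions that can be appended to the value passed to Node's tls `ciphers` option.

// OpenSSL cipher-string keywords for the 64-bit-block ciphers TLS can carry,
// keyed by the algorithm name that appears in the Enc= column.
const BLOCK64_KEYWORDS = { '3DES': '3DES', DES: 'DES', RC2: 'RC2', IDEA: 'IDEA' };

// Parse one line of `openssl ciphers -v` output into { name, enc }, or null
// for anything that is not a cipher line.
function parseCipherLine(line) {
  const m = /^(\S+)\s+\S+\s+Kx=\S+\s+Au=\S+\s+Enc=([A-Za-z0-9]+)/.exec(line.trim());
  return m ? { name: m[1], enc: m[2] } : null;
}

// Return the suites whose bulk cipher has a 64-bit block.
function find64BitBlockSuites(verboseOutput) {
  return verboseOutput
    .split('\n')
    .map(parseCipherLine)
    .filter((c) => c !== null && BLOCK64_KEYWORDS[c.enc] !== undefined);
}

// Append a "!KEYWORD" exclusion for every flagged algorithm (once each).
function excludeFlaggedCiphers(cipherString, flaggedSuites) {
  const keywords = [...new Set(flaggedSuites.map((s) => BLOCK64_KEYWORDS[s.enc]))];
  return [cipherString, ...keywords.map((k) => `!${k}`)].join(':');
}

// Constructed sample in the `openssl ciphers -v` layout.
const SAMPLE_OUTPUT = [
  'ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD',
  'ECDHE-RSA-DES-CBC3-SHA  SSLv3 Kx=ECDH     Au=RSA  Enc=3DES(168) Mac=SHA1',
  'DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1',
  'AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1',
  'IDEA-CBC-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=IDEA(128) Mac=SHA1',
].join('\n');

const flaggedSample = find64BitBlockSuites(SAMPLE_OUTPUT);
console.log(flaggedSample.map((s) => s.name));
// [ 'ECDHE-RSA-DES-CBC3-SHA', 'DES-CBC3-SHA', 'IDEA-CBC-SHA' ]
console.log(excludeFlaggedCiphers('HIGH:!aNULL', flaggedSample));
// HIGH:!aNULL:!3DES:!IDEA
```

The exclusions are by algorithm keyword rather than by suite name, so they keep working when a later OpenSSL adds or renames suites that use the same cipher.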
CVE-2016-6303: OOB write in MDC2_Update()
An overflow can occur in MDC2_Update() under certain circumstances, resulting in an out of bounds (OOB) error. This attack is impractical on most platforms due to the size of data required to trigger the OOB error.
Node.js is impacted by this flaw, but due to the impracticality of exploiting it and the very low usage of MDC-2, it is very low severity for Node.js users.
Assessment: All versions of Node.js are affected by this vulnerability.
CVE-2016-2178: Constant time flag not preserved in DSA signing
A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
This is very low severity for Node.js users due to the difficulty in taking advantage of this attack and because DSA is very rarely used.
Assessment: All versions of Node.js are affected by this vulnerability.
CVE-2016-6306: Certificate message OOB reads
Some missing message length checks can result in out of bounds (OOB) reads of up to 2 bytes beyond an allocated buffer. There is a theoretical denial of service (DoS) risk. This only impacts a client or a server which enables client authentication.
Node.js is impacted by this low severity flaw.
Assessment: All versions of Node.js are affected by this vulnerability.
OpenSSL Updates in Node.js
OpenSSL 1.0.1u - Node.js v0.10 and v0.12
Node.js v0.10.47 and v0.12.16 upgrade the bundled version of OpenSSL from 1.0.1t to 1.0.1u. Full details can be found in the OpenSSL 1.0.1 changelog.
OpenSSL 1.0.2j - Node.js v4 and v6
Node.js releases v4.6.0 "Argon" (LTS) and v6.7.0 (Stable) upgrade the bundled version of OpenSSL from 1.0.2h to 1.0.2j (1.0.2i was patched to 1.0.2j soon after its release; 1.0.2j is the bundled update). Full details can be found in the OpenSSL 1.0.2 changelog.
N|Solid Security Update - 1.4.1
The N|Solid 1.4.1 release is now available and updated to the latest Node.js "Argon" LTS release (v4.6.0), which includes the security updates.