OpenSSL update, 1.0.2k

Rod Vagg

Rod Vagg

(Update 1-February-2017) Releases available

Updates are now available for all active Node.js release lines.

The following releases are bundled with OpenSSL 1.0.2k:

While this is not a critical update, all users of these release lines should upgrade at their earliest convenience.

Original post is included below


The OpenSSL project has announced the immediate availability of OpenSSL version 1.0.2k.

Although the OpenSSL team have determined a maximum severity rating of "moderate", the Node.js crypto team (Ben Noordhuis, Shigeki Ohtsu and Fedor Indutny) have determined the impact to Node users is "low". Details on this determination can be found below.

We will therefore be scheduling releases of all active release lines (7 "Current", 6 "LTS Boron", 4 "LTS Argon") on Tuesday the 31st of January. As releases are made, they will appear on the nodejs.org news feed and this post will also be updated with details.

Node.js Impact Assessment

CVE-2017-3731: Truncated packet could crash via OOB read

This is a moderate severity flaw in OpenSSL. By default, Node.js disables RC4 so most users are not affected. As RC4 can be enabled programmatically, it is possible for a Node.js developer to craft code that may be vulnerable to this flaw. Any user activating RC4 in their codebase should prioritise this update.

All active versions of Node.js are affected, but the severity is very low for most users.

CVE-2017-3730: Bad DHE and ECDHE parameters cause a client crash

Because this flaw only impacts OpenSSL 1.1.0 and no active Node.js release line currently bundles this version, Node.js is not affected.

CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64

As noted by the OpenSSL team, the likelihood of being able to craft a practical attack that uses this flaw is very low. In addition, Node.js enables SSL_OP_SINGLE_DH_USE, further decreasing the chance of a successful exploit of this vulnerability in a Node.js service.

All active versions of Node.js are affected, but the severity is very low for Node.js users.

CVE-2016-7055: Montgomery multiplication may produce incorrect results

Some calculations, when run on an Intel Broadwell or later CPU, can produce in erroneous results. This flaw has been previously discussed by the Node.js team on GitHub. It is not believed that practical attacks can be crafted to exploit this vulnerability except in very specific circumstances. Therefore this is a low severity flaw.

All active versions of Node.js are affected, but the severity is very low for Node.js users.