This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js.

It took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface area for the behavior change we were introducing. It was also important that we validated that our changes were being applied in the variety of configurations we support in our APIs.

With this release, we are confident that the only behavior change is that of the default allowed protocols do not include SSLv2 or SSLv3. Though you are still able to programatically consume those protocols if necessary.

Included is the documentation that you can find at that describes how this works going forward for client and server implementations.

Node.js is compiled with SSLv2 and SSLv3 protocol support by default, but these protocols are disabled. They are considered insecure and could be easily compromised as was shown by CVE-2014-3566. However, in some situations, it may cause problems with legacy clients/servers (such as Internet Explorer 6). If you wish to enable SSLv2 or SSLv3, run node with the --enable-ssl2 or --enable-ssl3 flag respectively. In future versions of Node.js SSLv2 and SSLv3 will not be compiled in by default.

There is a way to force node into using SSLv3 or SSLv2 only mode by explicitly specifying secureProtocol to 'SSLv3_method' or 'SSLv2_method'.

The default protocol method Node.js uses is SSLv23_method which would be more accurately named AutoNegotiate_method. This method will try and negotiate from the highest level down to whatever the client supports. To provide a secure default, Node.js (since v0.10.33) explicitly disables the use of SSLv3 and SSLv2 by setting the secureOptions to be SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2 (again, unless you have passed --enable-ssl3, or --enable-ssl2, or SSLv3_method as secureProtocol).

If you have set securityOptions to anything, we will not override your options.

The ramifications of this behavior change:

  • If your application is behaving as a secure server, clients who are SSLv3 only will now not be able to appropriately negotiate a connection and will be refused. In this case your server will emit a clientError event. The error message will include 'wrong version number'.
  • If your application is behaving as a secure client and communicating with a server that doesn't support methods more secure than SSLv3 then your connection won't be able to negotiate and will fail. In this case your client will emit a an error event. The error message will include 'wrong version number'.

2014.10.20, node.js Version 0.10.33 (Stable)

  • child_process: properly support optional args (cjihrig)

  • crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)

This is a behavior change, by default we will not allow the negotiation to SSLv2 or SSLv3. If you want this behavior, run Node.js with either --enable-ssl2 or --enable-ssl3 respectively.

This does not change the behavior for users specifically requesting SSLv2_method or SSLv3_method. While this behavior is not advised, it is assumed you know what you're doing since you're specifically asking to use these methods.

2014.10.21, libuv Version 0.10.29 (Stable)

Relevant changes since version 0.10.28:

  • linux: try epoll_pwait if epoll_wait is missing (Michael Hudson-Doyle)

This update has been submitted for testing by patches.

5 years ago

This update is currently being pushed to the Fedora EPEL 7 testing updates repository.

5 years ago

This update has been pushed to testing

5 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for stable by patches.

5 years ago

This update is currently being pushed to the Fedora EPEL 7 stable updates repository.

5 years ago

This update has been pushed to stable

5 years ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
5 years ago
in testing
5 years ago
in stable
5 years ago
BZ#1152789 CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
BZ#1161900 nodejs: CVE-2014-3566 fixed upstream in new stable release v0.10.33

Automated Test Results