Please update [email protected] to fix security issue!

jan · March 1, 2020, 9:22am

Hello,

got informed about a security issue in n8n which just got fixed:
https://github.com/n8n-io/n8n/issues/345

It is very severe, for that reason please update to the latest version (0.55.0) as soon as possible.

An attacker could gain access to your data if he would:

be aware of this issue
knows under which URL your n8n instance is reachable

If you currently run a version < 0.52.0 please check the breaking changes file first:

github.com

n8n-io/n8n/blob/master/packages/cli/BREAKING-CHANGES.md

# n8n Breaking Changes

This list shows all the versions which include breaking changes and how to upgrade.

## 0.165.0

### What changed?

The Hive node now correctly rejects invalid SSL certificates when the "Ignore SSL Issues" option is set to False.

### When is action necassary?

If you are using a self signed certificate with The Hive.

### How to upgrade:

Go to the credentials for The Hive, Enable the "Ignore SSL Issues" option.

## 0.139.0

This file has been truncated. show original

I am very sorry about this issue! I can for sure not promise that there will never be an issue again but I can promise that I will always do my best to fix them asap.

blue skies

Jan

Roket · March 2, 2020, 5:48pm

How to update n8n correctly?

jan · March 2, 2020, 6:03pm

That depends how you use n8n. Do you have it npm installed or do you use Docker?

If you use Socker you can find the answer for example here:

If you use npm the following should do the trick:

npm update -g n8n