nodejs · avivkeller · Jan 13, 2026 · Jan 13, 2026 · Copilot · Jan 13, 2026
@@ -0,0 +1,121 @@
+---
+date: '2026-01-13T13:56:13.880Z'
+category: release
+title: Node.js 20.20.0 (LTS)
+layout: blog-post
+author: Marco Ippolito
+---
+
+## 2026-01-13, Version 20.20.0 'Iron' (LTS), @marco-ippolito
+
+This is a security release.
+
+### Notable Changes
+
+lib:
+
+- (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/802>
+- (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/797>
+  lib,permission:
+- (CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) <https://github.com/nodejs-private/node-private/pull/760>
+  src:
+- (CVE-2025-59466) rethrow stack overflow exceptions in async_hooks (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/773>
+  src,lib:
+- (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) <https://github.com/nodejs-private/node-private/pull/759>
+  tls:
+- (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
- (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
+- (CVE-2025-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
- (CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
+- (CVE-2025-21637) route callback exceptions through error handlers (Matteo Collina) <https://github.com/nodejs-private/node-private/pull/796>
+
+### Commits
+
+- \[[`8f9ba3f623`](https://github.com/nodejs/node/commit/8f9ba3f623)] - **deps**: update c-ares to v1.34.6 (Node.js GitHub Bot) [#60997](https://github.com/nodejs/node/pull/60997)
+- \[[`97fc9b0eb7`](https://github.com/nodejs/node/commit/97fc9b0eb7)] - **deps**: update undici to 6.23.0 (Matteo Collina) [nodejs-private/node-private#792](https://github.com/nodejs-private/node-private/pull/792)
+- \[[`14fbbb510c`](https://github.com/nodejs/node/commit/14fbbb510c)] - **(CVE-2025-55132)** **lib**: disable futimes when permission model is enabled (RafaelGSS) [nodejs-private/node-private#802](https://github.com/nodejs-private/node-private/pull/802)
+- \[[`1febc48d5b`](https://github.com/nodejs/node/commit/1febc48d5b)] - **(CVE-2025-59465)** **lib**: add TLSSocket default error handler (RafaelGSS) [nodejs-private/node-private#797](https://github.com/nodejs-private/node-private/pull/797)
+- \[[`494f62dc23`](https://github.com/nodejs/node/commit/494f62dc23)] - **(CVE-2025-55130)** **lib,permission**: require full read and write to symlink APIs (RafaelGSS) [nodejs-private/node-private#760](https://github.com/nodejs-private/node-private/pull/760)
+- \[[`d7a5c587c0`](https://github.com/nodejs/node/commit/d7a5c587c0)] - **(CVE-2025-59466)** **src**: rethrow stack overflow exceptions in async_hooks (Matteo Collina) [nodejs-private/node-private#773](https://github.com/nodejs-private/node-private/pull/773)
+- \[[`51f4de4b4a`](https://github.com/nodejs/node/commit/51f4de4b4a)] - **(CVE-2025-55131)** **src,lib**: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) [nodejs-private/node-private#759](https://github.com/nodejs-private/node-private/pull/759)
+- \[[`85f73e7057`](https://github.com/nodejs/node/commit/85f73e7057)] - **(CVE-2026-21637)** **tls**: route callback exceptions through error handlers (Matteo Collina) [nodejs-private/node-private#796](https://github.com/nodejs-private/node-private/pull/796)
+
+Windows 32-bit Installer: https://nodejs.org/dist/v20.20.0/node-v20.20.0-x86.msi \
+Windows 64-bit Installer: https://nodejs.org/dist/v20.20.0/node-v20.20.0-x64.msi \
+Windows ARM 64-bit Installer: https://nodejs.org/dist/v20.20.0/node-v20.20.0-arm64.msi \
+Windows 32-bit Binary: https://nodejs.org/dist/v20.20.0/win-x86/node.exe \
+Windows 64-bit Binary: https://nodejs.org/dist/v20.20.0/win-x64/node.exe \
+Windows ARM 64-bit Binary: https://nodejs.org/dist/v20.20.0/win-arm64/node.exe \
+macOS 64-bit Installer: https://nodejs.org/dist/v20.20.0/node-v20.20.0.pkg \
+macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-darwin-arm64.tar.gz \
+macOS Intel 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-darwin-x64.tar.gz \
+Linux 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-linux-x64.tar.xz \
+Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-linux-ppc64le.tar.xz \
+Linux s390x 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-linux-s390x.tar.xz \
+AIX 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-aix-ppc64.tar.gz \
+ARMv7 32-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-linux-armv7l.tar.xz \
+ARMv8 64-bit Binary: https://nodejs.org/dist/v20.20.0/node-v20.20.0-linux-arm64.tar.xz \
+Source Code: https://nodejs.org/dist/v20.20.0/node-v20.20.0.tar.gz \
+Other release files: https://nodejs.org/dist/v20.20.0/ \
+Documentation: https://nodejs.org/docs/v20.20.0/api/
+
+### SHASUMS
+
+```
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+7ae62921fc80ee47ae4e2519661e927b3fa7abf75cdb50458490ef2f0da633e5  node-v20.20.0-aix-ppc64.tar.gz
+988d0f965918d1ff75b125b36ea5866c1000a48389e0d33875602a58c60b409f  node-v20.20.0-arm64.msi
+69b98aa4662032ab06bd92216f0aebb2727d7ee4e1eb79ea5787bbbb38af4801  node-v20.20.0-darwin-arm64.tar.gz
+2edefda1cdebc210b27d85698354a2a4c247af0a6fb91d9414ce6251a638e364  node-v20.20.0-darwin-arm64.tar.xz
+69bf9b294dc04e3b97c3d5e4f16b3c634201b7f5f617fb65d93a9a9ac4bec0f0  node-v20.20.0-darwin-x64.tar.gz
+37f82f0718199626056e3694e9f00a5e30c4d1115c0c8649d04a4924a6b95a6f  node-v20.20.0-darwin-x64.tar.xz
+fc74b79dcc07df4b9c3ecf8d214aea5908b408f9653e918e6df163683a0e33ce  node-v20.20.0-headers.tar.gz
+96c31e0a07b37b0af25e5b02f679149fe1f169c153477192a59884a320b943d5  node-v20.20.0-headers.tar.xz
+2b640b7fc19a1d2f12a226d7dfba9baff2de87cc15db5a3e58bcdb15582ac604  node-v20.20.0-linux-arm64.tar.gz
+752113754a7dddf0622b3740a2b2bec3dbaf1792a18711b55871d76444d8892a  node-v20.20.0-linux-arm64.tar.xz
+2fc5f715c05c7a2662044fbfac5edfcb85d419045ecb2dff53b68f3dc4ec81fb  node-v20.20.0-linux-armv7l.tar.gz
+68f1945036de7738cb9f46d161ae778a9f96f18f5f5fc2827755f7925d399246  node-v20.20.0-linux-armv7l.tar.xz
+8b02c9b00b551d59bd550e6d92e8131f23668fcc71b0937ac2256ee0754e39a7  node-v20.20.0-linux-ppc64le.tar.gz
+5ec524a988d71f3f265d218f0f1b71d37ddc2864369508e95d32ac7e6c81a781  node-v20.20.0-linux-ppc64le.tar.xz
+154dd8885646253a12532099ccf9485660bc42e4a56bb1483f4e161fb7f10bb9  node-v20.20.0-linux-s390x.tar.gz
+908d4bbeb33eb576a132be6c6cb209ebf0e646da0e71ea42b9d481c778a1117f  node-v20.20.0-linux-s390x.tar.xz
+92dfd59fb4837230abba5d6dd717b882ca897e22fde2f9268e1aac2c4bde0f5b  node-v20.20.0-linux-x64.tar.gz
+4f48b52acf42130844a3a75e94da0e9629009d09e4101b2304895c24f3fbe609  node-v20.20.0-linux-x64.tar.xz
+8dae9c0d296e86150f9138c0077ef020fb384fd913d1a671baa3663e14367ec0  node-v20.20.0.pkg
+cafc92e90917c17869d982fdff10104c2eb328437ed9bbf03fdda78ebc0accdd  node-v20.20.0.tar.gz
+5294d9d2915620e819e6892fd7e545b98d650bad36dae54e6527eaac482add98  node-v20.20.0.tar.xz
+8eb9846f62581364f877109808c7df953d3393022f33f128f954bc4a857366b2  node-v20.20.0-win-arm64.7z
+870693b496d152519af14b30fb1adef47e62233b90aea5e887ea728cd29c037d  node-v20.20.0-win-arm64.zip
+5e48cd18cc5dc6cda23b8ad2467223f3f82b0f03b941b7088578ecb7afbda8d4  node-v20.20.0-win-x64.7z
+32f24e1405b113d4e01ad2585c92024df673b6156ef6f43a5469a75bf52c0a5a  node-v20.20.0-win-x64.zip
+0af709b32e1ee7d7ce07c87fc64b216afcee3867cc4982ef95cbfa8010ac0e11  node-v20.20.0-win-x86.7z
+d72d2a5b7d944a28eb59e0477bdc0c40b7b0a817bca057d5e882c0e0013590f3  node-v20.20.0-win-x86.zip
+8b8f5cbf7f1800c74e19cef0182bb6b9144e154e57fc01dd945bd36edaf32c65  node-v20.20.0-x64.msi
+93698ab6cca1cbff4ffb545f15078509ae706cfbb9a646449ccfe1c8d7abad4b  node-v20.20.0-x86.msi
+9d8337f4cfdfe39383b7eecbda2b84c5997507962d489988fd61f176c14d652c  win-arm64/node.exe
+cc64d1a9d5189e05c3f7ca3e3351aa38e0454573d533b636415dacf495f96291  win-arm64/node.lib
+2fa932df38d6f1612154153a9c8c2048596518d5a46c34490f2c3603fc836d94  win-arm64/node_pdb.7z
+cda800fafb789404acbe98548fe1f4e71fbc3889a747eb3fef67155e67b29513  win-arm64/node_pdb.zip
+fda2b2a8857735f7958ba9771a2b24734ff36434e85ae606bcf7744d41d7adc0  win-x64/node.exe
+919d900bb9d589ebbcfda17e6f6e8f6b49d8d6a8d782b6f5efd6b6c6c5f0d1b1  win-x64/node.lib
+922b251451eb2aeb51848e0e67c5aa6d70c47b86d8ac22afcf4240fd445443a5  win-x64/node_pdb.7z
+d9751fb70d3f7af85c0485e841de3645f43b69fc954cc231d9a16d96690c1ba1  win-x64/node_pdb.zip
+9ffb141325064dcd1febc09752bc3ab7b407b25a0483ebcb1e3cacb7906f4c7f  win-x86/node.exe
+4e14d97fd24bf99dc322553d817194cc3b956482ee76e073945e82e5d343740a  win-x86/node.lib
+06b506294604c0806f09d5aa7b7a10a99d4bf62e2484bba74a7e1fb1499f0944  win-x86/node_pdb.7z
+080cbc5ed5800da6e0e3087176525d29c21020e212bda31fe1bedb9b3a325876  win-x86/node_pdb.zip
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCAAdFiEEzGj1oxBv9EgyLkjtJ/XjjVsKIV8FAmlmTfUACgkQJ/XjjVsK
+IV/NdhAAlCoOxOEkcMRWLhMPfqE+3AhOdqBgATPr1C4+9BHLPGAEqcwro2Gf3OyH
+JwZyCPOfmE9Rcx4/3N7nc5KZ5IzdXtcHSdz7JzXfi9aJLzOeZ/U84hXzSJugYbKs
+v3vu6l7jD9sPtpwNo/1nBGsXiE1iLpENyiKdkWneGrQfJpNImGVdY9LlV6f7j9Yl
+/9bL/Lo6rpR4uSDIuyycAITAAoABli/3SnvSP/yqZ/WPQpA6kO+ZKz1mppAw8zqT
+GRaYamCCU97s8vdl3sV7vq50bkxo6TunC1K6ijTlC69vjdUD2aIrD8Jlii/4TXHa
+/QyhgeW7Fs5yBqqK9rQkX5LUvdXI81vuTtvcTL/2IW4Tnu51imiP3cTMmn1fjjMD
+uuuo2zShcNpZBNjodiv5FHZeEGgrdF0yZNVCTnW32jUQYhnntoEt7TzjVNKXJd+r
+XvS4GjR2TdqZ98FFUZNBNO57R1ZDbvqParKwOcsss+1db5UQ7s44BBVGw+qlnJoX
+GDE0YoCEcmeQvpvJbJ8WxFFk8uPGyN6UdTlhLu5Pof6kfFA+VTwtnM5l6TvE9uD3
+CTtp4X/yhbRFbl764gFubcQj+L9s5urFNgKGmNaWt9kheGFRVTY8VOXHMrMwFwFu
+Kw63llKOsZyrrX5Zmuegve7WnIZsZzW56LaZN37HsQaq+QcLhmQ=
+=6O2f
+-----END PGP SIGNATURE-----
+```