Release notes for v2.3.4
This commit is contained in:
parent
8883cfae0f
commit
ad1a2c0bd6
|
@ -1,6 +0,0 @@
|
|||
SECURITY ISSUE
|
||||
|
||||
Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
|
||||
|
||||
Previously repeated failing connections would leak file descriptors leading to Barrier being unable
|
||||
to receive new connections from clients.
|
|
@ -1,6 +0,0 @@
|
|||
SECURITY ISSUE
|
||||
|
||||
Barrier will now enforce a maximum length of input messages (fixes CVE-2021-42076).
|
||||
|
||||
Previously it was possible for a malicious client or server to send excessive length messages
|
||||
leading to denial of service by resource exhaustion.
|
|
@ -1,4 +0,0 @@
|
|||
SECURITY ISSUE
|
||||
|
||||
Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending Hello message.
|
||||
This bug allowed an unauthenticated attacker to crash Barrier with only network access.
|
|
@ -1,2 +0,0 @@
|
|||
Fixed a bug in SSL implementation that caused invalid data occasionally being sent to clients
|
||||
under heavy load.
|
|
@ -2,3 +2,31 @@ Release notes
|
|||
=============
|
||||
|
||||
[comment]: <> (towncrier release notes start)
|
||||
|
||||
Barrier `2.3.4` ( `2021-11-01` )
|
||||
================================
|
||||
|
||||
Security fixes
|
||||
--------------
|
||||
|
||||
- Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
|
||||
|
||||
Previously repeated failing connections would leak file descriptors leading to Barrier being unable
|
||||
to receive new connections from clients.
|
||||
|
||||
- Barrier will now enforce a maximum length of input messages (fixes CVE-2021-42076).
|
||||
|
||||
Previously it was possible for a malicious client or server to send excessive length messages
|
||||
leading to denial of service by resource exhaustion.
|
||||
|
||||
- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending Hello message.
|
||||
This bug allowed an unauthenticated attacker to crash Barrier with only network access.
|
||||
|
||||
All of the above security issues have been reported by Matthias Gerstner who was really helpful
|
||||
resolving them.
|
||||
|
||||
Bug fixes
|
||||
---------
|
||||
|
||||
- Fixed a bug in SSL implementation that caused invalid data occasionally being sent to clients
|
||||
under heavy load.
|
||||
|
|
Loading…
Reference in New Issue