Merge pull request #1371 from p12tic/doc-release-notes
doc: Add missed details to v2.3.4 and v2.4.0 release notes
This commit is contained in:
commit
e010f89f41
|
@ -25,6 +25,9 @@ Security fixes
|
||||||
again. Client and server will show both SHA1 and SHA256 server fingerprints to allow
|
again. Client and server will show both SHA1 and SHA256 server fingerprints to allow
|
||||||
interoperability with older versions of Barrier.
|
interoperability with older versions of Barrier.
|
||||||
|
|
||||||
|
All of the above security issues have been reported by Matthias Gerstner who was really helpful
|
||||||
|
resolving them.
|
||||||
|
|
||||||
Bug fixes
|
Bug fixes
|
||||||
---------
|
---------
|
||||||
|
|
||||||
|
@ -81,7 +84,8 @@ Security fixes
|
||||||
Previously it was possible for a malicious client or server to send excessive length messages
|
Previously it was possible for a malicious client or server to send excessive length messages
|
||||||
leading to denial of service by resource exhaustion.
|
leading to denial of service by resource exhaustion.
|
||||||
|
|
||||||
- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending Hello message.
|
- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending
|
||||||
|
Hello message (fixes CVE-2021-42074).
|
||||||
This bug allowed an unauthenticated attacker to crash Barrier with only network access.
|
This bug allowed an unauthenticated attacker to crash Barrier with only network access.
|
||||||
|
|
||||||
All of the above security issues have been reported by Matthias Gerstner who was really helpful
|
All of the above security issues have been reported by Matthias Gerstner who was really helpful
|
||||||
|
|
Loading…
Reference in New Issue