debauchee/barrier
1
1
Fork 0
mirror of https://github.com/debauchee/barrier.git synced 2024-11-22 07:20:15 +03:00
Code Issues Packages Projects Releases Wiki Activity

doc: Add missed details to v2.3.4 and v2.4.0 release notes

Browse Source
This commit is contained in:
Povilas Kanapickas 2021-11-02 14:32:21 +02:00
parent 3e0d758b59
commit 21c8fb88d0
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/release_notes/index.md
View File

@ -25,6 +25,9 @@ Security fixes
again. Client and server will show both SHA1 and SHA256 server fingerprints to allow
interoperability with older versions of Barrier.
All of the above security issues have been reported by Matthias Gerstner who was really helpful
resolving them.
Bug fixes
---------
@ -81,7 +84,8 @@ Security fixes
Previously it was possible for a malicious client or server to send excessive length messages
leading to denial of service by resource exhaustion.
- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending Hello message.
- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending
Hello message (fixes CVE-2021-42074).
This bug allowed an unauthenticated attacker to crash Barrier with only network access.
All of the above security issues have been reported by Matthias Gerstner who was really helpful