Skip to content

0.101.4
Compare
Choose a tag to compare
@ctz ctz released this 22 Aug 08:48
· 301 commits to main since this release
v/0.101.4
d7f6aa4

Release notes

  • certificate path building and verification is now capped at 100 signature validation operations to avoid the risk of CPU usage denial-of-service attack when validating crafted certificate chains producing quadratic runtime. This risk affected both clients, as well as servers that verified client certificates.

What's Changed

Full Changelog: v/0.101.3...v/0.101.4

Contributors

cpu
Assets 2
Loading