Releases: warp-tech/warpgate
v0.10.2
Security fixes
CVE-2024-43410 - SSH OOM DoS through malicious packet length
It was possible for an attacker to cause Warpgate to allocate an arbitrary amount of memory by sending a packet with a malformed length field, potentially causing the service to get killed due to excessive RAM usage.
Other fIxes
v0.10.1
v0.10.0
HTTP
- Added
remote_addrto logs #945 (Néfix Estrada) - TLS implementation switched to Rustls
SSH
- Made inactivity timeout configurable (#990) #990 (Néfix Estrada)
- 5551c33: Switch OOB SSO authentication for SSH to use the instructions instead of the name (#964) (Shea Smith) #964
- Bumped
russhtov0.44 - 8896bb3: fixed #961 - added option to allow insecure ssh key exchanges (#971) #971
SSO
- 916d51a: Add support for role mappings on custom SSO providers. (#920) (Skyler Mansfield) #920
- 75a2b8c: fixed #929 - support additional trusted OIDC audiences
UI
- 257fb38: Enhance ticket creation api and UI to support ticket expiry (#957) (Thibaud Lepretre) #957
- f3dc1ad: Enhance ticket creation api and UI to support ticket number of usage (#959) (Thibaud Lepretre) #959
Other changes
- 72236d0: Added options to specify per-protocol external ports (#973) #973
- Added arm64 docker image #930 (Zasda Yusuf Mikail)
- 81cefeb: fixed #966 - don't actually try to tighten config file permissions unless necessary
- 7e45fa5: migrate from moment to date-fns (#988) (Konstantin Nosov) #988
- b65a189: Upgrade TypeScript and Svelte Versions (#995) (Yachen Mao) #995
v0.9.1
Security fixes
CVE-2023-48795 - Terrapin Attack [12fdf62]
A flaw in the SSH protocol itself allows an active MitM attacker to prevent the client & server from negotiating OpenSSH security extensions, or, with AsyncSSH, take control of the user's session.
This release adds the support for the kex-strict-*-v00@openssh.com extensions designed by OpenSSH specifically to prevent this attack.
More info: https://terrapin-attack.com
Changes
v0.9.0
Security fixes
CVE-2023-48712
This vulnerability allows a user to escalate their privileges if the admin account isn't protected by 2FA.
Migration
- If you have a proxy in front of Warpgate setting
X-Forwarded-*headers, sethttp.trust_x_forwarded_fortotruein the config file.
Changes
v0.8.1
Security fixes
CVE-2023-43660
The SSH key verification for a user could be bypassed by sending an SSH key offer without a signature. This allowed bypassing authentication completely under following conditions:
- The attacker knows the username and a valid target name
- The attacked knows the user's public key
- Only SSH public key authentication is required for the user account
Fixes
v0.8.0
Changes
- 0bc9ae1: session details (IP & security key) are now shown during OOB auth to reduce the chance of phishing a user into approving an auth attempt #858
- 983d0ad: bumped russh
Fixes
v0.7.4
Changes
- Fixed Docker image build
v0.7.3
Security fixes
CVE-2023-37268 [8173f65]
Insufficient authentication checks for SSO users allowed any SSO user to elevate their permission to these of any other SSO user. All configurations using SSO are affected.
