pion/dtls
### [`v2.2.4`](https://togithub.com/pion/dtls/releases/tag/v2.2.4)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.2.3...v2.2.4)
#### Security
This release contains 2 patches by [@nerd2](https://togithub.com/nerd2) from Motorola Solutions that could lead to panics at runtime. We'd like to thank Sam for finding and responsibly disclosing the vulnerabilities to [@pion/security](https://togithub.com/pion/security).
- https://github.com/pion/dtls/security/advisories/GHSA-4xgv-j62q-h3rj
- https://github.com/pion/dtls/security/advisories/GHSA-hxp2-xqf3-v83h
#### Changelog
- [`9e922d5`](https://togithub.com/pion/dtls/commit/9e922d5) Add fuzz tests for handshake
- [`a50d26c`](https://togithub.com/pion/dtls/commit/a50d26c) Fix panic unmarshalling hello verify request
- [`7a14903`](https://togithub.com/pion/dtls/commit/7a14903) Fix OOB read in server hello
### [`v2.2.3`](https://togithub.com/pion/dtls/releases/tag/v2.2.3)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.2.2...v2.2.3)
#### Changelog
- [`8b8bc87`](https://togithub.com/pion/dtls/commit/8b8bc87) Update module github.com/pion/udp to v0.1.4
### [`v2.2.2`](https://togithub.com/pion/dtls/releases/tag/v2.2.2)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.2.1...v2.2.2)
#### Changelog
- [`0473adf`](https://togithub.com/pion/dtls/commit/0473adf) Add SkipHelloVerify option to dTLS
- [`11ea8c2`](https://togithub.com/pion/dtls/commit/11ea8c2) Update module golang.org/x/crypto to v0.5.0
- [`f3c7b2d`](https://togithub.com/pion/dtls/commit/f3c7b2d) Update module golang.org/x/net to v0.5.0
- [`3dca8e4`](https://togithub.com/pion/dtls/commit/3dca8e4) Update github.com/pion/transport to v2
- [`3606b0d`](https://togithub.com/pion/dtls/commit/3606b0d) Use Go's built-in fuzzing tool instead of go-fuzz
- [`b122250`](https://togithub.com/pion/dtls/commit/b122250) Update CI configs to v0.10.3
- [`6aaf97c`](https://togithub.com/pion/dtls/commit/6aaf97c) Fix fuzzing of recordLayer
- [`3a6f531`](https://togithub.com/pion/dtls/commit/3a6f531) Update CI configs to v0.10.1
- [`d0f27fe`](https://togithub.com/pion/dtls/commit/d0f27fe) Update module github.com/pion/udp to v0.1.2
- [`205e480`](https://togithub.com/pion/dtls/commit/205e480) Update CI configs to v0.9.0
- [`f40c61d`](https://togithub.com/pion/dtls/commit/f40c61d) Update hash name check to be case insensitive
- [`3026357`](https://togithub.com/pion/dtls/commit/3026357) Update module golang.org/x/crypto to v0.4.0
- [`08c3602`](https://togithub.com/pion/dtls/commit/08c3602) Update module golang.org/x/net to v0.4.0
- [`5e7f90f`](https://togithub.com/pion/dtls/commit/5e7f90f) Update CI configs to v0.8.1
- [`c21afb8`](https://togithub.com/pion/dtls/commit/c21afb8) Ignore lint error on Subjects() deprecation
- [`0b11454`](https://togithub.com/pion/dtls/commit/0b11454) Update module golang.org/x/crypto to v0.3.0
- [`265bf7a`](https://togithub.com/pion/dtls/commit/265bf7a) Update module golang.org/x/net to v0.2.0
- [`f4896b5`](https://togithub.com/pion/dtls/commit/f4896b5) Update module github.com/pion/transport to v0.14.1
- [`1209570`](https://togithub.com/pion/dtls/commit/1209570) Update module github.com/pion/transport to v0.14.0
- [`8eed8ed`](https://togithub.com/pion/dtls/commit/8eed8ed) Update module golang.org/x/crypto to v0.1.0
- [`4ae7e13`](https://togithub.com/pion/dtls/commit/4ae7e13) Update CI configs to v0.8.0
- [`984d41b`](https://togithub.com/pion/dtls/commit/984d41b) Update golang.org/x/net digest to [`107f3e3`](https://togithub.com/pion/dtls/commit/107f3e3)
- [`aabc687`](https://togithub.com/pion/dtls/commit/aabc687) Update golang.org/x/crypto digest to [`eccd636`](https://togithub.com/pion/dtls/commit/eccd636)
- [`4f8fa1e`](https://togithub.com/pion/dtls/commit/4f8fa1e) Update golang.org/x/crypto digest to [`c86fa9a`](https://togithub.com/pion/dtls/commit/c86fa9a)
- [`980895f`](https://togithub.com/pion/dtls/commit/980895f) Update golang.org/x/net digest to [`83b083e`](https://togithub.com/pion/dtls/commit/83b083e)
- [`a04cfcc`](https://togithub.com/pion/dtls/commit/a04cfcc) Implement GetCertificate and GetClientCertificate
- [`43968a2`](https://togithub.com/pion/dtls/commit/43968a2) Close connection when handshake timeout occurs
- [`b8ebc62`](https://togithub.com/pion/dtls/commit/b8ebc62) Set e2e/Dockerfile to golang:1.18-bullseye
- [`82c1271`](https://togithub.com/pion/dtls/commit/82c1271) Implement VerifyConnection as is in tls.Config
- [`de299f5`](https://togithub.com/pion/dtls/commit/de299f5) Make the Elliptic curves and order configurable
- [`66ec820`](https://togithub.com/pion/dtls/commit/66ec820) Update golang.org/x/net digest to [`69896b7`](https://togithub.com/pion/dtls/commit/69896b7)
- [`194c03a`](https://togithub.com/pion/dtls/commit/194c03a) Update golang.org/x/crypto digest to [`0559593`](https://togithub.com/pion/dtls/commit/0559593)
- [`0dd0f95`](https://togithub.com/pion/dtls/commit/0dd0f95) Update module github.com/pion/transport to v0.13.1
- [`0d729a7`](https://togithub.com/pion/dtls/commit/0d729a7) Update golang.org/x/net digest to [`c960675`](https://togithub.com/pion/dtls/commit/c960675)
- [`4589ddf`](https://togithub.com/pion/dtls/commit/4589ddf) Update golang.org/x/crypto digest to [`793ad66`](https://togithub.com/pion/dtls/commit/793ad66)
- [`fa5afe3`](https://togithub.com/pion/dtls/commit/fa5afe3) Update CI configs to v0.7.10
- [`2d27879`](https://togithub.com/pion/dtls/commit/2d27879) Fix KeyUsage on x509 template
- [`74571b5`](https://togithub.com/pion/dtls/commit/74571b5) Fix CertificateVerify for [`ed25519`](https://togithub.com/pion/dtls/commit/ed25519)
- [`89cd8ae`](https://togithub.com/pion/dtls/commit/89cd8ae) Update CI configs to v0.7.9
- [`84b65ad`](https://togithub.com/pion/dtls/commit/84b65ad) Update CI configs to v0.7.8
- [`10d3c06`](https://togithub.com/pion/dtls/commit/10d3c06) Consolidate signaturehash tests
- [`189d384`](https://togithub.com/pion/dtls/commit/189d384) Enable [`ED25519`](https://togithub.com/pion/dtls/commit/ED25519) E2E tests
- [`ba33f3d`](https://togithub.com/pion/dtls/commit/ba33f3d) Use full image reference
### [`v2.2.1`](https://togithub.com/pion/dtls/releases/tag/v2.2.1)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.2.0...v2.2.1)
#### Changelog
- [`0473adf`](https://togithub.com/pion/dtls/commit/0473adf) Add SkipHelloVerify option to dTLS
- [`11ea8c2`](https://togithub.com/pion/dtls/commit/11ea8c2) Update module golang.org/x/crypto to v0.5.0
- [`f3c7b2d`](https://togithub.com/pion/dtls/commit/f3c7b2d) Update module golang.org/x/net to v0.5.0
- [`3dca8e4`](https://togithub.com/pion/dtls/commit/3dca8e4) Update github.com/pion/transport to v2
- [`3606b0d`](https://togithub.com/pion/dtls/commit/3606b0d) Use Go's built-in fuzzing tool instead of go-fuzz
- [`b122250`](https://togithub.com/pion/dtls/commit/b122250) Update CI configs to v0.10.3
- [`6aaf97c`](https://togithub.com/pion/dtls/commit/6aaf97c) Fix fuzzing of recordLayer
- [`3a6f531`](https://togithub.com/pion/dtls/commit/3a6f531) Update CI configs to v0.10.1
- [`d0f27fe`](https://togithub.com/pion/dtls/commit/d0f27fe) Update module github.com/pion/udp to v0.1.2
- [`205e480`](https://togithub.com/pion/dtls/commit/205e480) Update CI configs to v0.9.0
- [`f40c61d`](https://togithub.com/pion/dtls/commit/f40c61d) Update hash name check to be case insensitive
- [`3026357`](https://togithub.com/pion/dtls/commit/3026357) Update module golang.org/x/crypto to v0.4.0
- [`08c3602`](https://togithub.com/pion/dtls/commit/08c3602) Update module golang.org/x/net to v0.4.0
- [`5e7f90f`](https://togithub.com/pion/dtls/commit/5e7f90f) Update CI configs to v0.8.1
- [`c21afb8`](https://togithub.com/pion/dtls/commit/c21afb8) Ignore lint error on Subjects() deprecation
- [`0b11454`](https://togithub.com/pion/dtls/commit/0b11454) Update module golang.org/x/crypto to v0.3.0
- [`265bf7a`](https://togithub.com/pion/dtls/commit/265bf7a) Update module golang.org/x/net to v0.2.0
- [`f4896b5`](https://togithub.com/pion/dtls/commit/f4896b5) Update module github.com/pion/transport to v0.14.1
- [`1209570`](https://togithub.com/pion/dtls/commit/1209570) Update module github.com/pion/transport to v0.14.0
- [`8eed8ed`](https://togithub.com/pion/dtls/commit/8eed8ed) Update module golang.org/x/crypto to v0.1.0
- [`4ae7e13`](https://togithub.com/pion/dtls/commit/4ae7e13) Update CI configs to v0.8.0
- [`984d41b`](https://togithub.com/pion/dtls/commit/984d41b) Update golang.org/x/net digest to [`107f3e3`](https://togithub.com/pion/dtls/commit/107f3e3)
- [`aabc687`](https://togithub.com/pion/dtls/commit/aabc687) Update golang.org/x/crypto digest to [`eccd636`](https://togithub.com/pion/dtls/commit/eccd636)
- [`4f8fa1e`](https://togithub.com/pion/dtls/commit/4f8fa1e) Update golang.org/x/crypto digest to [`c86fa9a`](https://togithub.com/pion/dtls/commit/c86fa9a)
- [`980895f`](https://togithub.com/pion/dtls/commit/980895f) Update golang.org/x/net digest to [`83b083e`](https://togithub.com/pion/dtls/commit/83b083e)
- [`a04cfcc`](https://togithub.com/pion/dtls/commit/a04cfcc) Implement GetCertificate and GetClientCertificate
- [`43968a2`](https://togithub.com/pion/dtls/commit/43968a2) Close connection when handshake timeout occurs
- [`b8ebc62`](https://togithub.com/pion/dtls/commit/b8ebc62) Set e2e/Dockerfile to golang:1.18-bullseye
- [`82c1271`](https://togithub.com/pion/dtls/commit/82c1271) Implement VerifyConnection as is in tls.Config
- [`de299f5`](https://togithub.com/pion/dtls/commit/de299f5) Make the Elliptic curves and order configurable
- [`66ec820`](https://togithub.com/pion/dtls/commit/66ec820) Update golang.org/x/net digest to [`69896b7`](https://togithub.com/pion/dtls/commit/69896b7)
- [`194c03a`](https://togithub.com/pion/dtls/commit/194c03a) Update golang.org/x/crypto digest to [`0559593`](https://togithub.com/pion/dtls/commit/0559593)
- [`0dd0f95`](https://togithub.com/pion/dtls/commit/0dd0f95) Update module github.com/pion/transport to v0.13.1
- [`0d729a7`](https://togithub.com/pion/dtls/commit/0d729a7) Update golang.org/x/net digest to [`c960675`](https://togithub.com/pion/dtls/commit/c960675)
- [`4589ddf`](https://togithub.com/pion/dtls/commit/4589ddf) Update golang.org/x/crypto digest to [`793ad66`](https://togithub.com/pion/dtls/commit/793ad66)
- [`fa5afe3`](https://togithub.com/pion/dtls/commit/fa5afe3) Update CI configs to v0.7.10
- [`2d27879`](https://togithub.com/pion/dtls/commit/2d27879) Fix KeyUsage on x509 template
- [`74571b5`](https://togithub.com/pion/dtls/commit/74571b5) Fix CertificateVerify for [`ed25519`](https://togithub.com/pion/dtls/commit/ed25519)
- [`89cd8ae`](https://togithub.com/pion/dtls/commit/89cd8ae) Update CI configs to v0.7.9
- [`84b65ad`](https://togithub.com/pion/dtls/commit/84b65ad) Update CI configs to v0.7.8
- [`10d3c06`](https://togithub.com/pion/dtls/commit/10d3c06) Consolidate signaturehash tests
- [`189d384`](https://togithub.com/pion/dtls/commit/189d384) Enable [`ED25519`](https://togithub.com/pion/dtls/commit/ED25519) E2E tests
- [`ba33f3d`](https://togithub.com/pion/dtls/commit/ba33f3d) Use full image reference
### [`v2.2.0`](https://togithub.com/pion/dtls/releases/tag/v2.2.0)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.1.5...v2.2.0)
#### Changelog
- [`5f48042`](https://togithub.com/pion/dtls/commit/5f48042) Use Go's built-in fuzzing tool instead of go-fuzz
- [`b122250`](https://togithub.com/pion/dtls/commit/b122250) Update CI configs to v0.10.3
- [`6aaf97c`](https://togithub.com/pion/dtls/commit/6aaf97c) Fix fuzzing of recordLayer
- [`3a6f531`](https://togithub.com/pion/dtls/commit/3a6f531) Update CI configs to v0.10.1
- [`d0f27fe`](https://togithub.com/pion/dtls/commit/d0f27fe) Update module github.com/pion/udp to v0.1.2
- [`205e480`](https://togithub.com/pion/dtls/commit/205e480) Update CI configs to v0.9.0
- [`f40c61d`](https://togithub.com/pion/dtls/commit/f40c61d) Update hash name check to be case insensitive
- [`3026357`](https://togithub.com/pion/dtls/commit/3026357) Update module golang.org/x/crypto to v0.4.0
- [`08c3602`](https://togithub.com/pion/dtls/commit/08c3602) Update module golang.org/x/net to v0.4.0
- [`5e7f90f`](https://togithub.com/pion/dtls/commit/5e7f90f) Update CI configs to v0.8.1
- [`c21afb8`](https://togithub.com/pion/dtls/commit/c21afb8) Ignore lint error on Subjects() deprecation
- [`0b11454`](https://togithub.com/pion/dtls/commit/0b11454) Update module golang.org/x/crypto to v0.3.0
- [`265bf7a`](https://togithub.com/pion/dtls/commit/265bf7a) Update module golang.org/x/net to v0.2.0
- [`f4896b5`](https://togithub.com/pion/dtls/commit/f4896b5) Update module github.com/pion/transport to v0.14.1
- [`1209570`](https://togithub.com/pion/dtls/commit/1209570) Update module github.com/pion/transport to v0.14.0
- [`8eed8ed`](https://togithub.com/pion/dtls/commit/8eed8ed) Update module golang.org/x/crypto to v0.1.0
- [`4ae7e13`](https://togithub.com/pion/dtls/commit/4ae7e13) Update CI configs to v0.8.0
- [`984d41b`](https://togithub.com/pion/dtls/commit/984d41b) Update golang.org/x/net digest to [`107f3e3`](https://togithub.com/pion/dtls/commit/107f3e3)
- [`aabc687`](https://togithub.com/pion/dtls/commit/aabc687) Update golang.org/x/crypto digest to [`eccd636`](https://togithub.com/pion/dtls/commit/eccd636)
- [`4f8fa1e`](https://togithub.com/pion/dtls/commit/4f8fa1e) Update golang.org/x/crypto digest to [`c86fa9a`](https://togithub.com/pion/dtls/commit/c86fa9a)
- [`980895f`](https://togithub.com/pion/dtls/commit/980895f) Update golang.org/x/net digest to [`83b083e`](https://togithub.com/pion/dtls/commit/83b083e)
- [`a04cfcc`](https://togithub.com/pion/dtls/commit/a04cfcc) Implement GetCertificate and GetClientCertificate
- [`43968a2`](https://togithub.com/pion/dtls/commit/43968a2) Close connection when handshake timeout occurs
- [`b8ebc62`](https://togithub.com/pion/dtls/commit/b8ebc62) Set e2e/Dockerfile to golang:1.18-bullseye
- [`82c1271`](https://togithub.com/pion/dtls/commit/82c1271) Implement VerifyConnection as is in tls.Config
- [`de299f5`](https://togithub.com/pion/dtls/commit/de299f5) Make the Elliptic curves and order configurable
- [`66ec820`](https://togithub.com/pion/dtls/commit/66ec820) Update golang.org/x/net digest to [`69896b7`](https://togithub.com/pion/dtls/commit/69896b7)
- [`194c03a`](https://togithub.com/pion/dtls/commit/194c03a) Update golang.org/x/crypto digest to [`0559593`](https://togithub.com/pion/dtls/commit/0559593)
- [`0dd0f95`](https://togithub.com/pion/dtls/commit/0dd0f95) Update module github.com/pion/transport to v0.13.1
- [`0d729a7`](https://togithub.com/pion/dtls/commit/0d729a7) Update golang.org/x/net digest to [`c960675`](https://togithub.com/pion/dtls/commit/c960675)
- [`4589ddf`](https://togithub.com/pion/dtls/commit/4589ddf) Update golang.org/x/crypto digest to [`793ad66`](https://togithub.com/pion/dtls/commit/793ad66)
- [`fa5afe3`](https://togithub.com/pion/dtls/commit/fa5afe3) Update CI configs to v0.7.10
- [`2d27879`](https://togithub.com/pion/dtls/commit/2d27879) Fix KeyUsage on x509 template
- [`74571b5`](https://togithub.com/pion/dtls/commit/74571b5) Fix CertificateVerify for [`ed25519`](https://togithub.com/pion/dtls/commit/ed25519)
- [`89cd8ae`](https://togithub.com/pion/dtls/commit/89cd8ae) Update CI configs to v0.7.9
- [`84b65ad`](https://togithub.com/pion/dtls/commit/84b65ad) Update CI configs to v0.7.8
- [`10d3c06`](https://togithub.com/pion/dtls/commit/10d3c06) Consolidate signaturehash tests
- [`189d384`](https://togithub.com/pion/dtls/commit/189d384) Enable [`ED25519`](https://togithub.com/pion/dtls/commit/ED25519) E2E tests
- [`ba33f3d`](https://togithub.com/pion/dtls/commit/ba33f3d) Use full image reference
### [`v2.1.5`](https://togithub.com/pion/dtls/releases/tag/v2.1.5)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.1.4...v2.1.5)
This release includes fixes for a security issue reported by the Mattermost security team. We'd like to thank them for the responsible disclosure and urge any consumers of the DTLS package to update.
- https://github.com/pion/dtls/security/advisories/GHSA-w45j-f832-hxvh
### [`v2.1.4`](https://togithub.com/pion/dtls/releases/tag/v2.1.4)
[Compare Source](https://togithub.com/pion/dtls/compare/v2.1.3...v2.1.4)
This release includes fixes for two security issues reported by the Mattermost security team. We'd like to thank them for the responsible disclosure and urge any consumers of the DTLS package to update.
- https://github.com/pion/dtls/security/advisories/GHSA-cm8f-h6j3-p25c
- https://github.com/pion/dtls/security/advisories/GHSA-cx94-mrg9-rq4j
This PR has been generated by Mend Renovate.
This PR contains the following updates:
v2.1.3 -> v2.2.4
GitHub Vulnerability Alerts
GHSA-hxp2-xqf3-v83h
Impact
When attempting to unmarshal a Server Hello request we could attempt to unmarshal into a buffer that was too small. This could result in a panic leading the program to crash.
This issue could be abused to cause a denial of service.
Workaround
None
GHSA-4xgv-j62q-h3rj
Impact
During the unmarshalling of a hello verify request we could try to unmarshal into too small a buffer. This could result in a panic leading the program to crash.
This issue could be abused to cause a denial of service.
Workaround
None, upgrade to 2.2.4
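An added illustration of the bug class described in the two advisories above (not Pion's code and not the actual patch): a length-prefixed HelloVerifyRequest body parsed without and with bounds checks, plus a truncation sweep of the kind a fuzz test automates. The field layout follows RFC 6347; the type names, function names and sample bytes are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// HelloVerifyRequest body as laid out in RFC 6347, section 4.2.1:
//   server_version (2 bytes) | cookie length (1 byte) | cookie (0..255 bytes)
type helloVerifyRequest struct {
	Major, Minor uint8
	Cookie       []byte
}

var errBufferTooSmall = errors.New("hello verify request: buffer too small")

// Constructed sample: version bytes 0xfe 0xfd followed by a 4-byte cookie.
var sampleMsg = []byte{0xfe, 0xfd, 0x04, 0xde, 0xad, 0xbe, 0xef}

// unmarshalUnchecked shows the bug class: it trusts the length byte sent by the peer.
func unmarshalUnchecked(data []byte) helloVerifyRequest {
	cookieLen := int(data[2]) // panics if fewer than 3 bytes arrived
	// Slice bounds are checked against capacity, so this panics when
	// 3+cookieLen > cap(data).
	cookie := append([]byte(nil), data[3:3+cookieLen]...)
	return helloVerifyRequest{Major: data[0], Minor: data[1], Cookie: cookie}
}

// unmarshalChecked validates the fixed header and the declared cookie length
// against len(data) before touching the bytes, and returns an error instead.
func unmarshalChecked(data []byte) (helloVerifyRequest, error) {
	const headerLen = 3
	if len(data) < headerLen {
		return helloVerifyRequest{}, errBufferTooSmall
	}
	cookieLen := int(data[2])
	if len(data) < headerLen+cookieLen {
		return helloVerifyRequest{}, errBufferTooSmall
	}
	cookie := append([]byte(nil), data[headerLen:headerLen+cookieLen]...)
	return helloVerifyRequest{Major: data[0], Minor: data[1], Cookie: cookie}, nil
}

// panics reports whether f panicked, so a caller can count crashes
// without terminating the process.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

// sweepTruncations feeds every strict prefix of msg to both parsers and counts
// how many the checked parser rejected and how many times each parser panicked.
func sweepTruncations(msg []byte) (rejected, checkedPanics, uncheckedPanics int) {
	for n := 0; n < len(msg); n++ {
		// Full slice expression: cap == len, so nothing past the prefix is reachable.
		prefix := msg[:n:n]
		if panics(func() {
			if _, err := unmarshalChecked(prefix); err != nil {
				rejected++
			}
		}) {
			checkedPanics++
		}
		if panics(func() { unmarshalUnchecked(prefix) }) {
			uncheckedPanics++
		}
	}
	return rejected, checkedPanics, uncheckedPanics
}

func main() {
	h, err := unmarshalChecked(sampleMsg)
	fmt.Printf("full message: cookie=%x err=%v\n", h.Cookie, err)

	rejected, checkedPanics, uncheckedPanics := sweepTruncations(sampleMsg)
	fmt.Printf("truncated inputs: rejected=%d checkedPanics=%d uncheckedPanics=%d\n",
		rejected, checkedPanics, uncheckedPanics)
}
```

In a server, an unrecovered panic in the receive path ends the whole process, which is why a single malformed handshake message is enough for a denial of service.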
CVE-2022-29189
Impact
A buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or times out. An attacker could exploit this to cause excessive memory usage.
Patches
Upgrade to Pion DTLS v2.1.4
Workarounds
No workarounds available, upgrade to Pion DTLS v2.1.4
References
Thank you to Juho Nurminen and the Mattermost team for discovering and reporting this.
For more information
If you have any questions or comments about this advisory:
CVE-2022-29190
Impact
An attacker can send packets that will send Pion DTLS into an infinite loop when processing.
Patches
Upgrade to Pion DTLS v2.1.4
Workarounds
No workarounds available, upgrade to Pion DTLS v2.1.4
References
Thank you to Juho Nurminen and the Mattermost team for discovering and reporting this.
For more information
If you have any questions or comments about this advisory:
CVE-2022-29222
Impact
A DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it.
This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can't be trusted when using a Pion DTLS server prior to v2.1.5.
Patches
Upgrade to Pion DTLS v2.1.5
Workarounds
No workarounds available, upgrade to Pion DTLS v2.1.5
References
Thank you to Juho Nurminen and the Mattermost team for discovering and reporting this.
For more information
If you have any questions or comments about this advisory:
team. We'd like to thank them for the responsible disclosure and urge any consumers of the DTLS package to update. - https://github.com/pion/dtls/security/advisories/GHSA-w45j-f832-hxvh ### [`v2.1.4`](https://togithub.com/pion/dtls/releases/tag/v2.1.4) [Compare Source](https://togithub.com/pion/dtls/compare/v2.1.3...v2.1.4) This release includes fixes for two security issues reported by the Mattermost security team. We'd like to thank them for the responsible disclosure and urge any consumers of the DTLS package to update. - https://github.com/pion/dtls/security/advisories/GHSA-cm8f-h6j3-p25c - https://github.com/pion/dtls/security/advisories/GHSA-cx94-mrg9-rq4jConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.