yunginnanet / prox5

🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋
https://git.tcp.direct/kayos/prox5
MIT License
75 stars 6 forks source link

Chore(deps): Bump github.com/refraction-networking/utls from 1.6.0 to 1.6.4 #134

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps github.com/refraction-networking/utls from 1.6.0 to 1.6.4.

Release notes

Sourced from github.com/refraction-networking/utls's releases.

v1.6.4 bugfix: UConn incorrectly inherits Conn methods

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.3...v1.6.4

v1.6.3 Cryptographically Secured Shuffle

Don't panic! This does not cause any significant security concern, since modern platforms are doing fine with limited randomness from math/rand. This patch is for some much restrictive platforms such as WebAssembly -- on which math/rand may generate deterministic output (e.g., same random number series from each cold start).

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.2...v1.6.3

v1.6.2 Dependency and Upstream Update

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.1...v1.6.2

v1.6.1 Hotfix: kyberslash2

Security Warning

This is a security update fixing kyberslash2, a timing side-channel attack against CIRCL library used by uTLS.

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.0...v1.6.1

Commits
  • e684676 fix: (*UConn).Read() and Secure Renegotiation (#292)
  • e2bc5b1 fix: typo in README.md
  • fda1888 build(deps): bump github.com/quic-go/quic-go from 0.40.1 to 0.42.0 (#289)
  • 3d4788c security: crypto/rand ShuffleChromeTLSExtensions (#286)
  • d2768e4 ⬆️ sync: merge changes from golang/go@1.22 release branch (#280)
  • 5796f97 🚑 fix: code broken after merging
  • 8680818 ➖ update: remove unused boring files
  • 36f1f79 ⚠️ deprecate: weak ciphers
  • bd8fe35 🔀 update: Merge 'upstream:release-branch.go1.22'
  • c209e4b deps: bump all deps to latest (#279)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 6 months ago

Superseded by #136.