Commit 975d213 1 parent d5a7655 commit 975d213 Copy full SHA for 975d213
File tree 1 file changed +18
-0
lines changed
1 file changed +18
-0
lines changed Original file line number Diff line number Diff line change 2
2
3
3
All notable changes to this project will be documented in this file.
4
4
5
+ ## [ 0.10.0] - 2024-03-15
6
+
7
+ ### Security Advisory
8
+
9
+ Versions prior to this using the default configuration are vulnerable to a Slowloris attack.
10
+
11
+ This version mitigates the vulnerability.
12
+
13
+ Previous versions can mitigate the vulnerability by increasing the value passed to ` Builder::max_handshakes ` to a large
14
+ number (such as ` usize::MAX ` ). Decreasing the ` handshake_timeout ` can also help, although it is still strongly recommended
15
+ to increase the ` max_handshakes ` more than the current default.
16
+
17
+ ### Changes
18
+
19
+ - [ ** breaking** ] Change ` poll_accept ` not to have a limit on the number of pending handshakes in the queue,
20
+ so that connections that are not making progress towards completing the handshake will not block other
21
+ connections from being accepted. This replaces ` Builder::max_handshakes ` with ` Builder::accept_batch_size ` .
22
+
5
23
## [ 0.9.1] - 2023-12-23
6
24
7
25
### Miscellaneous Tasks
You can’t perform that action at this time.
0 commit comments