Skip to content

Commit 975d213

Browse files
committed
Update changelog
1 parent d5a7655 commit 975d213

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

CHANGELOG.md

+18
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,24 @@
22

33
All notable changes to this project will be documented in this file.
44

5+
## [0.10.0] - 2024-03-15
6+
7+
### Security Advisory
8+
9+
Versions prior to this using the default configuration are vulnerable to a Slowloris attack.
10+
11+
This version mitigates the vulnerability.
12+
13+
Previous versions can mitigate the vulnerability by increasing the value passed to `Builder::max_handshakes` to a large
14+
number (such as `usize::MAX`). Decreasing the `handshake_timeout` can also help, although it is still strongly recommended
15+
to increase the `max_handshakes` more than the current default.
16+
17+
### Changes
18+
19+
- [**breaking**] Change `poll_accept` not to have a limit on the number of pending handshakes in the queue,
20+
so that connections that are not making progress towards completing the handshake will not block other
21+
connections from being accepted. This replaces `Builder::max_handshakes` with `Builder::accept_batch_size`.
22+
523
## [0.9.1] - 2023-12-23
624

725
### Miscellaneous Tasks

0 commit comments

Comments
 (0)