Skip to content

Releases: op2009/fhsinstall-v2ray

v4.31.0

09 Jan 10:03
@op2009 op2009
v4.31.0
76c8416
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.31.0 Latest
Latest

Warning
Remove Shadowsosks OTA
Compiling v2ray-core requires Go 1.15+
Fixes
Fix Trojan inbound access log
Features
VLESS PREVIEW 2.4
Add XTLS Direct Mode
https://www.v2fly.org/config/protocols/vless.html#xtls-%E9%BB%91%E7%A7%91%E6%8A%80
Add XTLS support to mKCP
Add full VLESS fallbacks support to Trojan
Add padding to abstract UNIX domain socket in fallbacks
Allow startup when VLESS inbound clients is zero
Update to IETF QUIC draft-29
Refactor
VLESS fallbacks & XTLS other improvements
Stats: Implements blocking/non-blocking messaging of Channel. @Vigilans
Chores
Refine Azure Pipelines & Bazel: remove unnecessary steps. @Loyalsoldier
Refine code *26. @Loyalsoldier
Build and compiling
Compiler uses gccgo, remove flags gcflags and asmflags
Make builds reproducible
Notice
Project gets rid of GOPATH mode entirely from now on. Use Git and go mod command as your first choice while development.
For more information, visit:

https://www.v2fly.org/developer/intro/compile.html
https://www.v2fly.org/developer/intro/guide.html

Contributors

Loyalsoldier and Vigilans
Assets 3
Loading

v4.45.2

22 Sep 03:31
@op2009 op2009
v4.45.2
3d2fd00
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.45.2

This release includes security enhancement for all users.

!!! Important SECURITY enhancement !!!
Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )
Security Advisory
This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.

此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。

Edit: Fixed a typo. Last version of this document withdrawn.

Contributors

nekohasekai
Assets 3
Loading