Skip to content

Releases: libp2p/rust-libp2p

v0.39.1

12 Jul 20:27
@mxinden mxinden
v0.39.1
This tag was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
b814231
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.39.1

See individual changelogs for details.

Assets 2
Loading

v0.38.0

17 May 10:58
@mxinden mxinden
v0.38.0
This tag was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
0b7ee3f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.38.0

See individual changelogs for details.

Assets 2
Loading

v0.37.1

14 Apr 18:58
@mxinden mxinden
v0.37.1
This tag was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
40c4287
This commit was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.37.1

See individual changelogs for details.

Assets 2
Loading

v0.36.0

17 Mar 15:51
@mxinden mxinden
v0.36.0
This tag was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
1601864
This commit was signed with the committer’s verified signature.
mxinden Max Inden
GPG key ID: 888449134FDBF31A
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.36.0

See individual changelogs for details.

Assets 2
Loading

Version 0.30.0 [2020-11-09]

10 Nov 08:20
@mxinden mxinden
v0.30.0
This tag was signed with the committer’s verified signature. The key has expired.
mxinden Max Inden
GPG key ID: 5403C5464810BC26
Expired
Learn about vigilant mode.
fabb00c
This commit was signed with the committer’s verified signature. The key has expired.
mxinden Max Inden
GPG key ID: 5403C5464810BC26
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 0.30.0 [2020-11-09]

Among other changes, this release adds a requirement across all crates for multihash >= v0.11.3. Rust-libp2p versions in combination with multihash < v0.11.3 are vulnerable to DoS attacks. Given that e.g. PeerId::from_bytes is called with unsanitized data from possibly untrusted sources this call can panic with multihash < v0.11.3 see RustSec for details.

In case you run libp2p in untrusted environments please either (a) update to libp2p v0.30.0 or (b) make sure to run with multihash >=v0.11.3 via your downstream Cargo.lock file.

As always all other contained changes are listed in our CHANGELOG.md.

Assets 2
Loading