-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfreenet-build-1497-fix-severe-path-folding-vulnerability.html
108 lines (95 loc) · 6.03 KB
/
freenet-build-1497-fix-severe-path-folding-vulnerability.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="/theme/style/base.min.css?2189187c">
<title>Hyphanet</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
<link href="https://www.hyphanet.org/feeds/all.atom.xml" type="application/atom+xml" rel="alternate" title="Hyphanet Full Atom Feed" />
<link rel="alternate" hreflang="en" href="https://www.hyphanet.org/freenet-build-1497-fix-severe-path-folding-vulnerability.html" />
<link rel="alternate" hreflang="ru" href="https://www.hyphanet.org/ru/freenet-build-1497-fix-severe-path-folding-vulnerability.html" />
<link rel="alternate" hreflang="fr" href="https://www.hyphanet.org/fr/freenet-build-1497-fix-severe-path-folding-vulnerability.html" />
<link rel="alternate" hreflang="x-default" href="https://www.hyphanet.org /freenet-build-1497-fix-severe-path-folding-vulnerability.html" />
<link rel="canonical" href="https://www.hyphanet.org/freenet-build-1497-fix-severe-path-folding-vulnerability.html" />
<meta property="og:title" content="Hyphanet" />
<meta property="og:type" content="article" />
<meta property="og:url" content="https://www.hyphanet.org" />
<meta property="og:image" content="https://www.hyphanet.org/" />
<meta property="og:image:secure_url" content="https://www.hyphanet.org/theme/images/logo-blue.png" />
<meta property="og:description" content="Hyphanet is a peer-to-peer platform for censorship-resistant communication and publishing." />
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="Hyphanet" />
<meta name="twitter:description" content="Hyphanet is a peer-to-peer platform for censorship-resistant communication and publishing." />
<meta name="twitter:image" content="https://www.hyphanet.org/theme/images/logo-blue.png" />
</head>
<body id="index" class="home">
<div>
<nav id="menu">
<a href="https://www.hyphanet.org/">Hyphanet</a>
<a href="https://www.hyphanet.org/pages/about.html">About</a>
<a href="https://www.hyphanet.org/pages/volunteer.html">Volunteer</a>
<a href="https://www.hyphanet.org/pages/documentation.html">Documentation</a>
<a href="https://www.hyphanet.org/pages/download.html">Download</a>
<a href="https://www.hyphanet.org/pages/help.html">Help</a>
</nav><!-- /#menu -->
<aside class="social">
<a rel="me" title="Hyphanet News and Info in the Fediverse" href="https://floss.social/@Freenet">Mastodon</a>
</aside>
<nav id="language">
<span>Language</span>
<a href="https://www.hyphanet.org/ru/freenet-build-1497-fix-severe-path-folding-vulnerability.html">ru</a>
<a href="https://www.hyphanet.org/fr/freenet-build-1497-fix-severe-path-folding-vulnerability.html">fr</a>
</nav>
</div>
<main>
<header id="banner" class="body">
<h1>Freenet build 1497: fix severe path folding vulnerability</h1>
</header><!-- /#banner -->
<section id="content" class="body">
<div class="post-info">
<time class="published" datetime="2023-03-04T00:00:00+01:00">
Sat 04 March 2023
</time>
<address class="vcard author">
By <a class="url fn" href="https://www.hyphanet.org/author/arne-babenhauserheide.html">Arne Babenhauserheide</a>
</address>
</div><!-- /.post-info -->
<div class="entry-content">
<p>Freenet 0.7.5 build 1497 is now available.</p>
<blockquote>
<p><strong>Install Freenet</strong> for <strong><a href="https://www.draketo.de/dateien/freenet/build01497/FreenetInstaller-1497.exe">Windows</a></strong>, for <strong><a href="https://www.draketo.de/dateien/freenet/build01497/new_installer_offline_1497.jar">GNU/Linux, macOS and other *nixes</a></strong>, or for <strong><a href="https://freenet-mobile.github.io/app/">Android</a></strong>. See the <a href="pages/download.html">download page</a> for more information and other platforms.</p>
</blockquote>
<p>This release fixes a severe vulnerability in path folding that allowed
to distinguish between downloaders and forwarders with an adapted
node that is directly connected via opennet.</p>
<p>This vulnerability was reported to the Project by Prof. Ming Yang and
Prof. Zhen Ling from the School of Computer Science and Engineering,
Southeast University, Prof. Xinwen Fu from the Miner School of
Computer & Information Sciences, University of Massachusetts Lowell,
and Yonghuan Xu from School of Cyber Science and Engineering,
Southeast university.</p>
<p>Yonghuan also provided support in fixing the vulnerability. Thank you
very much!</p>
<p>To reduce the probability of hitting other problems in path folding,
we also merged the pull-request to completely avoid path folding at
HTL 17 or higher.</p>
</div><!-- /.entry-content -->
<a href="archives.html">News Archives</a>
</section>
</main>
<footer>
<header>
<h2>Hyphanet</h2>
<p>Navigate with Freedom</p>
</header>
<ul class="social">
<a rel="me" title="Hyphanet News and Info in the Fediverse" href="https://floss.social/@Freenet">Mastodon</a>
</ul>
<div id="contact">
<span style="display:inline-block; unicode-bidi:bidi-override; direction:rtl;" onmouseover="this.innerText=this.innerText.split('').reverse().join(''); this.style.unicodeBidi='';this.style.direction=''; this.removeAttribute('onmouseover');">gro.tcejorpteneerf@sserp</span></br>
<span style="display:inline-block; unicode-bidi:bidi-override; direction:rtl;" onmouseover="this.innerText=this.innerText.split('').reverse().join(''); this.style.unicodeBidi='';this.style.direction=''; this.removeAttribute('onmouseover');">gro.tcejorpteneerf@troppus</span></br>
<span>IRC: <a href="https://web.libera.chat/?nick=FollowRabbit|?#freenet">#freenet on irc.libera.chat</a></span></br>
</div>
<p id="copyright">Licensed under the <a href="https://www.gnu.org/licenses/fdl-1.3.html">GFDL</a>. <a href="https://github.com/hyphanet/website">Website source repository</a>, <a href="/pages/download.html#privacy-policy">Privacy Policy</a></p>
</footer></body>
</html>