v5.31.0 is released. (unstable version)
This is a maintenance release contains a security update for utls.
This is a maintenance release contains a security update for utls.
GitHub
Release v5.31.0 · v2fly/v2ray-core
This is a maintenance release contains a security update for utls.
Security Update
Update utls version to v1.7.1 in 5910b33
Chores
Chore: bump golang.org/x/net from 0.38.0 to 0.39.0 by @dependab...
Security Update
Update utls version to v1.7.1 in 5910b33
Chores
Chore: bump golang.org/x/net from 0.38.0 to 0.39.0 by @dependab...
v5.35.0 is released. (stable version)
New Features
fix false success from SOCKS server when Dispatch() fails
HTTP inbound: Directly forward plain HTTP 1xx response header
New Features
fix false success from SOCKS server when Dispatch() fails
HTTP inbound: Directly forward plain HTTP 1xx response header
GitHub
Release v5.35.0 · v2fly/v2ray-core
New Features
fix false success from SOCKS server when Dispatch() fails by @basinilya in #3431
HTTP inbound: Directly forward plain HTTP 1xx response header by @Fangliding in #3434
Chores
Update ...
fix false success from SOCKS server when Dispatch() fails by @basinilya in #3431
HTTP inbound: Directly forward plain HTTP 1xx response header by @Fangliding in #3434
Chores
Update ...
v5.36.0 is released. (unstable version)
New Features
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport
proxy dns with NOTIMP error
New Features
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport
proxy dns with NOTIMP error
GitHub
Release v5.36.0 · v2fly/v2ray-core
New Features
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
proxy dns with NOTIMP error by @rp-hello in #2954
Chores
Chore: bump g...
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
proxy dns with NOTIMP error by @rp-hello in #2954
Chores
Chore: bump g...
TLSMirror: Looks like TLS Censorship Resistant Transport Protocol is Looking for Developer Feedback
https://github.com/net4people/bbs/issues/496
https://github.com/net4people/bbs/issues/496
v5.37.0 is released. (unstable version)
New Features
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport
Update TLS Mirror with TLS1.2 AEAD support, defer_instance_derived_write_time, transport_layer_padding, h2_do_not_wait_for_download_finish
proxy dns with NOTIMP error
This update includes important fix for developer preview protocol TLSMirror.
本更新含针对于开发者预览版协议 TLSMirror 的重要修复。
New Features
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport
Update TLS Mirror with TLS1.2 AEAD support, defer_instance_derived_write_time, transport_layer_padding, h2_do_not_wait_for_download_finish
proxy dns with NOTIMP error
This update includes important fix for developer preview protocol TLSMirror.
本更新含针对于开发者预览版协议 TLSMirror 的重要修复。
GitHub
Release v5.37.0 · v2fly/v2ray-core
New Features
TLSMirror developer preview protocol is now a part of mainline V2Ray.
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
U...
TLSMirror developer preview protocol is now a part of mainline V2Ray.
Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
U...
v5.40.0 is released. (unstable version)
New Features
Add transient storage lifecycle receiver framework (fix grpc transport goroutine leak)
New Features
Add transient storage lifecycle receiver framework (fix grpc transport goroutine leak)
GitHub
Release v5.40.0 · v2fly/v2ray-core
New Features
Add transient storage lifecycle receiver framework (fix grpc transport goroutine leak) in #3529
Chores
Chore: bump github.com/quic-go/quic-go from 0.54.0 to 0.54.1 by @dependabot[bo...
Add transient storage lifecycle receiver framework (fix grpc transport goroutine leak) in #3529
Chores
Chore: bump github.com/quic-go/quic-go from 0.54.0 to 0.54.1 by @dependabot[bo...
v5.41.0 is released. (unstable version)
This is a maintenance release.
This release includes an important fix for utls, update recommended for all users.
This is a maintenance release.
This release includes an important fix for utls, update recommended for all users.
GitHub
Release v5.41.0 · v2fly/v2ray-core
This is a maintenance release.
This release includes an important fix for utls, update are recommended for all users.
Chores
Chore: bump github.com/refraction-networking/utls from 1.8.0 to 1.8.1 b...
This release includes an important fix for utls, update are recommended for all users.
Chores
Chore: bump github.com/refraction-networking/utls from 1.8.0 to 1.8.1 b...
We have recently released a new version of v2ray with a security update for utls regarding to Chrome120 fingerprint. https://github.com/v2fly/v2ray-core/releases/tag/v5.44.0 There could be another security release tomorrow for golang tool chain update.
GitHub
Release v5.44.0 · v2fly/v2ray-core
Security Update
uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.
Fixes
avoid DNS leakage with gRPC transports by @leo9800 in #3587
Dynamic address length c...
uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.
Fixes
avoid DNS leakage with gRPC transports by @leo9800 in #3587
Dynamic address length c...
V2Fly - Notification and Updates, V2Ray the second new
We have recently released a new version of v2ray with a security update for utls regarding to Chrome120 fingerprint. https://github.com/v2fly/v2ray-core/releases/tag/v5.44.0 There could be another security release tomorrow for golang tool chain update.
GitHub
Release v5.44.1 · v2fly/v2ray-core
Security Updates
uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.
Golang: Update golang toolchain to v1.25.6, which fixed an vulnerable (tls.Config).Clone fu...
uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.
Golang: Update golang toolchain to v1.25.6, which fixed an vulnerable (tls.Config).Clone fu...
We have observed the report that looks like TLS protocol could be impacted by max non-advancing record discriminator, and based on the testing and deductions TLSMirror is not impacted by it. Also, TLSMirror is by design systemically not vulnerable to this kind of attack, and is more tolerant to different kinds of forwarding sites no matter what TLS stack was used by the forwarded site. https://github.com/net4people/bbs/issues/576
GitHub
FW: Detection of Reality Protocol with Handshake Replay and non advancing records · Issue #576 · net4people/bbs
According to the author of the following blog post, reality protocol designed by RPRX and introduced in XRay can be detected by replaying the handshake message and then observe server reaction when...