I2P 0.9.14
Milestone information
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- No users assigned to blueprints and bugs.
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- No bugs are targeted to this milestone.
Download files for this release
Release notes
0.9.14 includes critical fixes for XSS and remote execution vulnerabilities reported by Exodus Intel. As an added precaution, we have disabled several advanced configuration features in the router console, including installation of new plugins. We plan to re-enable these in a future release after additional review.
Due to I2P library changes, I2P-Bote users must upgrade their plugin to version 0.2.10 to work with I2P 0.9.14. Your router should update the plugin automatically after the router restarts.
The release also contains several bug fixes in i2ptunnel, i2psnark, and other areas, and updates to the latest Jetty, Tomcat, and Wrapper. We've also implemented a faster and more secure method for reseeding. Of course, there's also the usual collection of minor bug fixes and translation updates.
You must update to this release immediately. The best way to maintain security and help the network is to run the latest release.
RELEASE DETAILS
Security Fixes
Fix several XSS issues
Disable changing news feed URL from UI
Disable plugin install
Disable setting unsigned update URL from UI
Disable clients.config editing from the UI
Add Content-
Disable unused ExecNamingService (thx joernchen of Phenoelit)
Bug Fixes
Fix tunnel building so it doesn't get "stuck" on a single pool
Reject participating tunnels when hidden
Several i2psnark improvements and fixes (GUI and DHT), including changes for better compatibility with Vuze
Other
Reseeding now fetches a signed zip file containing router infos for security and speed
Use JVM's AES implementation if it is faster
More advanced options shown in the i2ptunnel edit pages
Per-message reliabilitiy settings in I2CP and error propagation back from router to client
Lots of findbugs fixes and cleanups
Support signature types in SAM, bump rev to 3.1
New event log page in console
Jetty 8.1.15.v20140411
Tomcat 6.0.41
Wrapper 3.5.25 (new installs and PPA only)
Translation updates
Update GeoIP data (new installs and PPA only)
Changelog
This release does not have a changelog.
0 blueprints and 0 bugs targeted
There are no feature specifications or bug tasks targeted to this milestone. The project's maintainer, driver, or bug supervisor can target specifications and bug tasks to this milestone to track the things that are expected to be completed for the release.