Barrier now supports client identity verification (fixes CVE-2021-42072, CVE-2021-42073). Previously a malicious client could connect to a Barrier server without any authentication and send application-level messages. This made the attack surface of Barrier significantly larger. Additionally, if the malicious client got possession of a valid screen name by brute forcing or other means, it could modify the clipboard contents of the server. To support seamless upgrades from older versions of Barrier, this is currently disabled by default. The feature can be enabled in the settings dialog. If enabled, older clients of Barrier will be rejected.

Barrier now uses SHA256 fingerprints for establishing security of encrypted SSL connections. After upgrading the client to the new version, the existing server fingerprint will need to be approved again. Client and server will show both SHA1 and SHA256 server fingerprints to allow interoperability with older versions of Barrier.

All of the above security issues were reported by Matthias Gerstner, who was really helpful in resolving them.
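The move from SHA1 to SHA256 fingerprints described above, as an added example that is not Barrier's own code: it computes both fingerprints of a server certificate and shows why a pin stored only as SHA1 leads to a re-approval prompt. The `(algorithm, fingerprint)` pin list, the function names and the sample certificate bytes are assumptions made for illustration, not Barrier's storage format.

```python
import hashlib
import hmac

def fingerprint(cert_der: bytes, algo: str) -> str:
    """Colon-separated uppercase hex digest of a DER-encoded certificate."""
    digest = hashlib.new(algo, cert_der).digest()
    return ":".join(f"{b:02X}" for b in digest)

def _normalize(fp: str) -> bytes:
    # Accept pins with or without colons, in either letter case.
    return fp.replace(":", "").strip().lower().encode()

def check_server(cert_der: bytes, pins) -> str:
    """Compare a presented certificate with previously approved pins.

    pins is a list of (algo, fingerprint) pairs (hypothetical layout).
    Returns 'trusted' on a SHA256 match, 'reapprove' when only a legacy
    SHA1 pin matches, and 'unknown' when nothing matches.
    """
    matched = set()
    for algo, stored in pins:
        if algo not in ("sha1", "sha256"):
            continue  # ignore pin types this sketch does not know
        actual = _normalize(fingerprint(cert_der, algo))
        # Constant-time comparison of the two hex strings.
        if hmac.compare_digest(actual, _normalize(stored)):
            matched.add(algo)
    if "sha256" in matched:
        return "trusted"
    if "sha1" in matched:
        # A SHA1 match alone is not accepted silently: the user is shown
        # the SHA256 fingerprint and has to approve the server again.
        return "reapprove"
    return "unknown"

# Constructed stand-ins for DER certificate bytes (not real certificates).
SAMPLE_CERT = b"constructed stand-in for a DER-encoded server certificate"
OTHER_CERT = b"constructed stand-in for a different server certificate"

if __name__ == "__main__":
    legacy_pins = [("sha1", fingerprint(SAMPLE_CERT, "sha1"))]
    print("SHA1  :", fingerprint(SAMPLE_CERT, "sha1"))
    print("SHA256:", fingerprint(SAMPLE_CERT, "sha256"))
    print("pin stored before the upgrade ->", check_server(SAMPLE_CERT, legacy_pins))
    print("different certificate         ->", check_server(OTHER_CERT, legacy_pins))
```
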