Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump de.rub.nds.tls.attacker:transport from 4.0.2 to 5.3.0 #71

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump de.rub.nds.tls.attacker:transport from 4.0.2 to 5.3.0 #71

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 4, 2023
edited

Bumps de.rub.nds.tls.attacker:transport from 4.0.2 to 5.3.0.

Release notes

Sourced from de.rub.nds.tls.attacker:transport's releases.

TLS-Attacker v5.3.0

Changes

  • Added support for chinese SM cipher suites in TLS 1.3
  • Fixed encryption issue when using client authentication in TLS 1.3
  • Fixed a bug for reexecuted WorkflowTraces caused by manipulated LayerConfiguration
  • Fixed a bug which caused only the first pre-defined DTLS fragment to be used by the DtlsFragmentLayer

TLS-Attacker v5.2.1

Starting with this release, we attribute the Technology Innovation Institute (@​tiiuae) in the license header to reflect the extensive contributions made by its researchers.

Changes

  • Set default WorkflowTraceType to DYNAMIC_HANDSHAKE so the user does not have to specify the negotiated key exchange algorithm before execution
  • Added flag for automatic extension selection in ServerHello and EncryptedExtensions (defaults to off for backwards compatibility)
  • Fixed NullPointerExceptions for pseudo cipher suites (e.g SCSV) enforced in Server Hello

TLS-Attacker v5.1.6

The new version of TLS-Attacker introduces a layer system, which better separates protocols and parts of protocols in the code. This also facilitates the implementation of new application protocols besides HTTP. The user is now also able to define custom protocol layer stacks. Large parts of TLS-Attacker have been refactored for this purpose.

Changes

  • Introduced layer system with clear separation of fragment layer, record layer, message layer and HTTP layer
  • Refactored parsing to use separate streams for sub structures of messages, such as extensions within handshake messages
  • Added support for encrypted Client Hello messages
  • Fixed inconsistent use of generic classes which caused issues for some IDEs
  • Unified client port reuse across TCP and UDP transport handlers
Commits
  • 9dfb02e release: v5.3.0
  • 9d5d054 Merge pull request #1047 from tls-attacker/fix/useProvidedDtlsFragments
  • 7b25103 Fixed the use of the provided fragments
  • aaf0042 Fixed manipulation of container list in LayerConfig (#1045)
  • 67fa352 Merge pull request #1044 from tls-attacker/dependabot/maven/de.rub.nds-protoc...
  • 9394a2c Merge branch 'master' into dependabot/maven/de.rub.nds-protocol-toolkit-bom-3...
  • 5ea60d1 Merge pull request #1046 from tls-attacker/fix/NoSuchProviderException
  • b7b804d Added BC provider to tests
  • b9de4c0 build(deps): bump protocol-toolkit-bom from 3.3.0 to 3.4.1
  • 5fe90d0 Merge pull request #1020 from tls-attacker/sm-ciphers
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Bump de.rub.nds.tls.attacker:transport from 4.0.2 to 5.3.0
83fc7d5 
Bumps [de.rub.nds.tls.attacker:transport](https://github.com/tls-attacker/TLS-Attacker) from 4.0.2 to 5.3.0.
- [Release notes](https://github.com/tls-attacker/TLS-Attacker/releases)
- [Commits](tls-attacker/TLS-Attacker@v4.0.2...v5.3.0)

---
updated-dependencies:
- dependency-name: de.rub.nds.tls.attacker:transport
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Sep 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants