This release fixes a remote memory exhaustion issue in the quinn-proto Assembler. See GHSA-4w2j-m93h-cj5j for more details and #2694 for the fix.
Two sponsoring organizations participated in coordinated disclosure. If this is relevant to your organization, please contact us to keep support Quinn maintenance.
What's Changed
- Prepare 0.11.x branch for release by @djc in #2645
- Backport of #2495 to 0.11.x by @stablebits in #2674
- 0.11.x backport | quinn-proto: drop Initials silently when saturated by @stablebits in #2688
- Backport #2677 to 0.11.x by @syszery in #2690
- congestion: avoid double-reducing CUBIC fast convergence (0.11.x) by @0xdeafbeef in #2641
- proto: yield error on too many gaps in assembler by @djc in #2694