release: v4.8.6 security hardening patch
This commit is contained in:
lockbitchat
@@ -1,5 +1,34 @@
|
||||
# Changelog
|
||||
|
||||
## v4.8.6 — Security hardening patch release
|
||||
|
||||
This patch release strengthens SecureBit.chat across verification, sanitization, privacy, transport abuse resistance, cache safety, and repository hygiene.
|
||||
|
||||
### Security hardening
|
||||
|
||||
- Bound SAS verification to the actual DTLS fingerprint strings of both peers.
|
||||
- Replaced regex-based chat sanitization with DOMPurify-backed sanitization.
|
||||
- Made WebRTC privacy mode explicit and kept relay-only state synchronized at runtime.
|
||||
- Removed production exposure of internal debug/control hooks.
|
||||
- Added receiver-side rate limiting for inbound chat messages.
|
||||
- Added receiver-side throttling for inbound file chunks.
|
||||
|
||||
### Runtime and privacy safety
|
||||
|
||||
- Hardened service-worker caching so only explicitly allowlisted safe assets are cached.
|
||||
- Removed an untracked disconnect timer so teardown no longer leaves delayed callbacks behind.
|
||||
- Preserved relay-only TURN behavior while making privacy implications clearer when relay-only mode is disabled or TURN is unavailable.
|
||||
|
||||
### Repository hygiene
|
||||
|
||||
- Stopped tracking `node_modules` in Git so platform-specific dependency binaries no longer pollute the repository or break cross-platform builds.
|
||||
|
||||
### Validation
|
||||
|
||||
- Full regression suite passes.
|
||||
- Clean install succeeds with `npm ci`.
|
||||
- Production build succeeds with `npm run build`.
|
||||
|
||||
## v4.8.5 — Security hardening release
|
||||
|
||||
This release consolidates several months of security, privacy, and lifecycle hardening work by the SecureBit.chat team.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# SecureBit.chat v4.8.5
|
||||
# SecureBit.chat v4.8.6
|
||||
|
||||
SecureBit.chat is a browser-based peer-to-peer chat application built on WebRTC and Web Crypto APIs. It is designed for direct encrypted communication, explicit peer verification, and a small operational footprint without account registration or server-side message storage.
|
||||
|
||||
@@ -15,20 +15,18 @@ SecureBit.chat uses:
|
||||
|
||||
A session is not treated as verified until both peers complete the interactive SAS flow. Each user must compare the displayed code with the peer through an out-of-band channel and enter the matching code manually. Three failed SAS attempts terminate the session.
|
||||
|
||||
## Highlights in v4.8.5
|
||||
## Highlights in v4.8.6
|
||||
|
||||
This release consolidates several months of security hardening work by the project team:
|
||||
This patch release strengthens the existing security model with a focused hardening pass:
|
||||
|
||||
- mandatory interactive SAS verification instead of passive click-through confirmation
|
||||
- deterministic SAS computation from shared session material
|
||||
- protocol version `4.1` negotiation with mismatch rejection
|
||||
- optional TURN relay-only privacy mode with clear warnings when TURN is unavailable
|
||||
- encrypted IndexedDB metadata with lazy migration from legacy plaintext records
|
||||
- explicit file-transfer consent before any receive buffers are allocated
|
||||
- strict file-type allowlist using both MIME type and extension checks
|
||||
- incoming decrypted message sanitization before UI delivery
|
||||
- improved disconnect, timer, file-transfer, and React UI cleanup behavior
|
||||
- pinned dependency versions and a clean `npm audit` baseline
|
||||
- SAS verification is bound to the actual DTLS fingerprint strings of both peers
|
||||
- chat sanitization uses DOMPurify-backed text-only output
|
||||
- WebRTC privacy mode is explicit and relay-only state stays synchronized at runtime
|
||||
- production debug window hooks are gated behind an explicit debug flag
|
||||
- receiver-side throttling covers inbound messages and file chunks
|
||||
- service-worker caching is restricted to an explicit safe-asset allowlist
|
||||
- disconnect cleanup leaves no orphaned delayed timer behind
|
||||
- `node_modules` is no longer tracked in Git
|
||||
|
||||
## Quick start
|
||||
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
{
|
||||
"name": "SecureBit.chat v4.7.56 - ECDH + DTLS + SAS",
|
||||
"name": "SecureBit.chat v4.8.6 - ECDH + DTLS + SAS",
|
||||
"short_name": "SecureBit",
|
||||
"description": "P2P messenger with ECDH + DTLS + SAS security, military-grade cryptography and Lightning Network payments",
|
||||
"start_url": "./",
|
||||
@@ -114,4 +114,4 @@
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
Generated
+2
-2
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "securebit-chat",
|
||||
"version": "4.8.5",
|
||||
"version": "4.8.6",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "securebit-chat",
|
||||
"version": "4.8.5",
|
||||
"version": "4.8.6",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"base64-js": "1.5.1",
|
||||
|
||||
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "securebit-chat",
|
||||
"version": "4.8.5",
|
||||
"version": "4.8.6",
|
||||
"description": "Secure P2P Communication Application with End-to-End Encryption",
|
||||
"main": "index.html",
|
||||
"scripts": {
|
||||
|
||||
Reference in New Issue
Block a user