release: v4.8.6 security hardening patch
@@ -1,5 +1,34 @@
|
|||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## v4.8.6 — Security hardening patch release
|
||||||
|
|
||||||
|
This patch release strengthens SecureBit.chat across verification, sanitization, privacy, transport abuse resistance, cache safety, and repository hygiene.
|
||||||
|
|
||||||
|
### Security hardening
|
||||||
|
|
||||||
|
- Bound SAS verification to the actual DTLS fingerprint strings of both peers.
|
||||||
|
- Replaced regex-based chat sanitization with DOMPurify-backed sanitization.
|
||||||
|
- Made WebRTC privacy mode explicit and kept relay-only state synchronized at runtime.
|
||||||
|
- Removed production exposure of internal debug/control hooks.
|
||||||
|
- Added receiver-side rate limiting for inbound chat messages.
|
||||||
|
- Added receiver-side throttling for inbound file chunks.
|
||||||
|
|
||||||
|
### Runtime and privacy safety
|
||||||
|
|
||||||
|
- Hardened service-worker caching so only explicitly allowlisted safe assets are cached.
|
||||||
|
- Removed an untracked disconnect timer so teardown no longer leaves delayed callbacks behind.
|
||||||
|
- Preserved relay-only TURN behavior while making privacy implications clearer when relay-only mode is disabled or TURN is unavailable.
|
||||||
|
|
||||||
|
### Repository hygiene
|
||||||
|
|
||||||
|
- Stopped tracking `node_modules` in Git so platform-specific dependency binaries no longer pollute the repository or break cross-platform builds.
|
||||||
|
|
||||||
|
### Validation
|
||||||
|
|
||||||
|
- Full regression suite passes.
|
||||||
|
- Clean install succeeds with `npm ci`.
|
||||||
|
- Production build succeeds with `npm run build`.
|
||||||
|
|
||||||
## v4.8.5 — Security hardening release
|
## v4.8.5 — Security hardening release
|
||||||
|
|
||||||
This release consolidates several months of security, privacy, and lifecycle hardening work by the SecureBit.chat team.
|
This release consolidates several months of security, privacy, and lifecycle hardening work by the SecureBit.chat team.
|
||||||
|
|||||||
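Review bot: the v4.8.6 entry should state the compatibility impact of binding SAS verification to the DTLS fingerprint strings. The README hunk in this same commit shows the previous SAS was computed from shared session material, so a v4.8.5 peer may derive a different code than a v4.8.6 peer, and nothing here says whether the negotiated protocol version is bumped so that such a pairing is rejected cleanly instead of surfacing as a failed SAS comparison and, after three attempts, a terminated session. The rate-limiting and chunk-throttling bullets also give no thresholds or failure behaviour (drop, warn, or disconnect), which anyone operating the receiving side needs; a short limits note under "Security hardening" would cover it. Finally, "Removed production exposure of internal debug/control hooks" and the README wording "gated behind an explicit debug flag" describe the same change differently; pick one wording and name the flag.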
@@ -1,4 +1,4 @@
|
|||||||
# SecureBit.chat v4.8.5
|
# SecureBit.chat v4.8.6
|
||||||
|
|
||||||
SecureBit.chat is a browser-based peer-to-peer chat application built on WebRTC and Web Crypto APIs. It is designed for direct encrypted communication, explicit peer verification, and a small operational footprint without account registration or server-side message storage.
|
SecureBit.chat is a browser-based peer-to-peer chat application built on WebRTC and Web Crypto APIs. It is designed for direct encrypted communication, explicit peer verification, and a small operational footprint without account registration or server-side message storage.
|
||||||
|
|
||||||
@@ -15,20 +15,18 @@ SecureBit.chat uses:
|
|||||||
|
|
||||||
A session is not treated as verified until both peers complete the interactive SAS flow. Each user must compare the displayed code with the peer through an out-of-band channel and enter the matching code manually. Three failed SAS attempts terminate the session.
|
A session is not treated as verified until both peers complete the interactive SAS flow. Each user must compare the displayed code with the peer through an out-of-band channel and enter the matching code manually. Three failed SAS attempts terminate the session.
|
||||||
|
|
||||||
## Highlights in v4.8.5
|
## Highlights in v4.8.6
|
||||||
|
|
||||||
This release consolidates several months of security hardening work by the project team:
|
This patch release strengthens the existing security model with a focused hardening pass:
|
||||||
|
|
||||||
- mandatory interactive SAS verification instead of passive click-through confirmation
|
- SAS verification is bound to the actual DTLS fingerprint strings of both peers
|
||||||
- deterministic SAS computation from shared session material
|
- chat sanitization uses DOMPurify-backed text-only output
|
||||||
- protocol version `4.1` negotiation with mismatch rejection
|
- WebRTC privacy mode is explicit and relay-only state stays synchronized at runtime
|
||||||
- optional TURN relay-only privacy mode with clear warnings when TURN is unavailable
|
- production debug window hooks are gated behind an explicit debug flag
|
||||||
- encrypted IndexedDB metadata with lazy migration from legacy plaintext records
|
- receiver-side throttling covers inbound messages and file chunks
|
||||||
- explicit file-transfer consent before any receive buffers are allocated
|
- service-worker caching is restricted to an explicit safe-asset allowlist
|
||||||
- strict file-type allowlist using both MIME type and extension checks
|
- disconnect cleanup leaves no orphaned delayed timer behind
|
||||||
- incoming decrypted message sanitization before UI delivery
|
- `node_modules` is no longer tracked in Git
|
||||||
- improved disconnect, timer, file-transfer, and React UI cleanup behavior
|
|
||||||
- pinned dependency versions and a clean `npm audit` baseline
|
|
||||||
|
|
||||||
## Quick start
|
## Quick start
|
||||||
|
|
||||||
|
|||||||
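Review bot: replacing the whole Highlights list drops the only README mention of several properties that still hold after this patch (mandatory interactive SAS instead of click-through confirmation, protocol version `4.1` negotiation with mismatch rejection, encrypted IndexedDB metadata, explicit file-transfer consent before buffers are allocated, the MIME-plus-extension file allowlist, pinned dependencies and the `npm audit` baseline). Since Highlights is now release-scoped, keep those under a separate section, for example a security-model list, or the README will no longer document them anywhere. Also, "gated behind an explicit debug flag" should name the flag and its default, and the relay-only bullet should keep the detail that a warning is shown when TURN is unavailable, since the removed bullet carried that information and the new one does not.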
@@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"name": "SecureBit.chat v4.7.56 - ECDH + DTLS + SAS",
|
"name": "SecureBit.chat v4.8.6 - ECDH + DTLS + SAS",
|
||||||
"short_name": "SecureBit",
|
"short_name": "SecureBit",
|
||||||
"description": "P2P messenger with ECDH + DTLS + SAS security, military-grade cryptography and Lightning Network payments",
|
"description": "P2P messenger with ECDH + DTLS + SAS security, military-grade cryptography and Lightning Network payments",
|
||||||
"start_url": "./",
|
"start_url": "./",
|
||||||
|
|||||||
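Review bot: the old manifest `name` still read `v4.7.56`, so the PWA name was never bumped for v4.8.5; embedding the version in `name` guarantees it will drift again. Suggest either dropping the version from `name` (package.json already carries it) or adding the manifest to the release version check so the changelog's validation steps would have caught this. The `description` phrase "military-grade cryptography" is marketing language rather than a property; the README's "ECDH + DTLS + SAS" wording is the accurate description.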
@@ -1,12 +1,12 @@
|
|||||||
{
|
{
|
||||||
"name": "securebit-chat",
|
"name": "securebit-chat",
|
||||||
"version": "4.8.5",
|
"version": "4.8.6",
|
||||||
"lockfileVersion": 3,
|
"lockfileVersion": 3,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "securebit-chat",
|
"name": "securebit-chat",
|
||||||
"version": "4.8.5",
|
"version": "4.8.6",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"base64-js": "1.5.1",
|
"base64-js": "1.5.1",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "securebit-chat",
|
"name": "securebit-chat",
|
||||||
"version": "4.8.5",
|
"version": "4.8.6",
|
||||||
"description": "Secure P2P Communication Application with End-to-End Encryption",
|
"description": "Secure P2P Communication Application with End-to-End Encryption",
|
||||||
"main": "index.html",
|
"main": "index.html",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
|||||||
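Review bot: the version string is now maintained by hand in four places in this commit (README heading, manifest.json `name`, package.json, and two entries in package-lock.json), and the manifest lagging at 4.7.56 until now shows that the manual process fails. Suggest a release script that reads `version` from package.json and writes the other locations (`npm version` already updates package.json and package-lock.json together), plus a consistency check alongside the `npm ci` and `npm run build` steps listed under Validation in the changelog.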