Workflow

Blackhole

Latest version: v2.1.18

Safety actively analyzes 629723 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 6

2.0.13

======

- Fixed a misspelled TLS cipher. ``CDHE-ECDSA-AES128-GCM-SHA256`` should have
been written as ``ECDHE-ECDSA-AES128-GCM-SHA256``. This typo simply meant
that cipher was unavailable for use, the other nine strong ciphers were/are
still fully available.
- :ref:`configuration-options` document compiled.
- In-line comments in configuration files are now supported and the comment is
ignored.

.. code-block:: ini

listen = :25, :::25 IPv4 and IPv6

Will be read as.

.. code-block:: ini

listen = :25, :::25

- Large scale documentation updates. Pretty much everything should be fully
documented now, including all :py:exc:`SystemExit` calls including their
return codes.
- Added an option to disable :py:obj:`ssl.OP_SINGLE_DH_USE` and
:py:obj:`ssl.OP_SINGLE_ECDH_USE`. Reduces CPU overhead at the expense
of security. Disabled by default, warns if used. Slightly better for high
load environments. -- :ref:`command-line-options`

2.0.12

======

- Fixed a TLS cipher listing issue.

2.0.11

======

- Fixed bug with TLS context not being passed to the socket listener.

2.0.10

======

- Added error catching to :py:obj:`socket.SO_REUSEPORT` -- on some systems this
is available while still triggering a `Protocol Error` and causing blackhole
to crash. The error catching will attempt to set this option if it's
available but silently ignore it if it errors.

2.0.9

=====

- Added failsafe checks for IPv6 functionality. -- If you specify an IPv6
listener but Python or the kernel have not been compiled with IPv6 support,
an error will be returned.
- Moved out functionality for creating sockets and TLS contexts to separate
control functions.
- Added warning for TLS being used with no Diffie Hellman ephemeral parameters
being configured. -- :ref:`configuration-options`
- Added further security to TSL. The following options are now enforced.
:py:obj:`ssl.OP_NO_COMPRESSION`, :py:obj:`ssl.OP_SINGLE_DH_USE`,
:py:obj:`ssl.OP_SINGLE_ECDH_USE` and
:py:obj:`ssl.OP_CIPHER_SERVER_PREFERENCE`.
`See the Python documentation for more information on the flags
<https://docs.python.org/3/library/ssl.html#ssl.OP_CIPHER_SERVER_PREFERENCE>`_.

2.0.8

=====

- Added IPv6 support.

Page 4 of 6

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.