Skip to content

v8.0.0-beta9 Clustering

Pre-release
Pre-release
Compare
Choose a tag to compare
@NHAS NHAS released this 15 May 02:25
· 57 commits to main since this release

This issue fixes a potential security vulnerability when clients roam between different cluster members.

In brief, an attacker who exploits a race condition after stealing a wireguard configuration may be able to piggy back a valid authorization sesssion if balanced to another cluster node than the valid user.

Bug Fix:

  • All devices now have an additional field that associates them with their last connected to cluster member