Overview
Security update for v2ray-core

This update for v2ray-core fixes the following issues:

- Update version to 5.33.0
* bump github.com/quic-go/quic-go from 0.51.0 to 0.52.0(boo#1243946 and CVE-2025-297850)
* Update other vendor source

- Update version to 5.31.0
* Add Dns Proxy Response TTL Control
* Fix call newError Base with a nil value error
* Update vendor (boo#1235164)

- Update version to 5.29.3
* Enable restricted mode load for http protocol client
* Correctly implement QUIC sniffer when handling multiple initial packets
* Fix unreleased cache buffer in QUIC sniffing
* A temporary testing fix for the buffer corruption issue
* QUIC Sniffer Restructure

- Update version to 5.22.0
* Add packetEncoding for Hysteria
* Add ECH Client Support
* Add support for parsing some shadowsocks links
* Add Mekya Transport
* Fix bugs

- Update version to 5.18.0
* Add timeout for http request roundtripper
* Fix ss2022 auth reader size overflow
* Add pie build mode to all binary builds
* Support "services" root config in cfgv4
* packet_encoding for config v4
* add MPTCP support
* Add (Experimental) Meyka Building Blocks to request Transport
* Add timeout for http request roundtripper
* Hysteria2: Add Hysteria2 Protocol
* Add AllowInsecureIfPinnedPeerCertificate option to tls security
* Add tls certChainHash command
* add support for socket activation
* Add pprof flag for debugging
* Fix bugs

- Update version to 5.16.1
* Add Keep-Alive to removed headers

- Update version to 5.15.1
* feat: RandomStrategy AliveOnly
* Improve container image tags and timestamp
* Add delay_auth_write to Socks5 Client Advanced Config
* Add MaxMin TLS version support in TLS Setting
* feat: RandomStrategy AliveOnly
* Improve container image tags and timestamp
* Fixed an encrypted traffic's malleable vulnerability that allow
integrity corruption by an attacker with a privileged network
position to silently drop segments of traffic from an encrypted
traffic stream.
* Update documents
* Fix bugs
- Update vendor, fix CVE-2024-22189 boo#1222488

- Update version to 5.12.1
* Shadowsocks2022 Client Support
* Apply DomainStrategy to outbound target
* Add DomainStrategy to JSONv5 outbound
* Add sniffing for TUN
* Add HTTPUpgrade transport
* It is a reduced version of WebSocket Transport that can pass many
reverse proxies and CDNs without running a WebSocket protocol stack
* TUN Support
* Add uTLS support for h2 transport
* Fix bugs

Fixed bugs
bnc#1235164
VUL-0: CVE-2023-49295: v2ray-core: github.com/quic-go/quic-go: memory exhaustion attack against QUIC's path validation mechanism
bnc#1243946
VUL-0: CVE-2025-29785: v2ray-core: github.com/quic-go/quic-go/internal/ackhandler: loss recovery logic for path probe packets can be used by a malicious QUIC client to trigger a null pointer dereference
bnc#1222488
VUL-0: CVE-2024-22189: v2ray-core: quic-go: memory exhaustion attack against QUIC's connection ID mechanism
CVE-2024-22189
CVE-2025-297850
Selected Binaries
openSUSE Build Service is sponsored by
Places