Source: golang-refraction-networking-utls Version: 1.2.1-2 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for golang-refraction-networking-utls. CVE-2026-26994[0]: | uTLS is a fork of crypto/tls, created to customize ClientHello for | fingerprinting resistance while still using it for the handshake. In | versions 1.6.7 and below, uTLS did not implement the TLS 1.3 | downgrade protection mechanism specified in RFC 8446 Section 4.1.3 | when using a uTLS ClientHello spec. This allowed an active network | adversary to downgrade TLS 1.3 connections initiated by a uTLS | client to a lower TLS version (e.g., TLS 1.2) by modifying the | ClientHello message to exclude the SupportedVersions extension, | causing the server to respond with a TLS 1.2 ServerHello (along with | a downgrade canary in the ServerHello random field). Because uTLS | did not check the downgrade canary in the ServerHello random field, | clients would accept the downgraded connection without detecting the | attack. This attack could also be used by an active network attacker | to fingerprint uTLS connections. This issue has been fixed in | version 1.7.0. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-26994 https://www.cve.org/CVERecord?id=CVE-2026-26994 [1] https://github.com/refraction-networking/utls/security/advisories/GHSA-pmc3-p9hx-jq96 [2] https://github.com/refraction-networking/utls/commit/f8892761e2a4d29054264651d3a86fda83bc83f9 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
