Async-h1 v2.3.0 security release (please upgrade)

Hi all, we've published async-h1 v2.3.0 which includes a patch for a critical security vulnerability affecting usage on proxied servers. We urge everyone using async-h1 or tide to update using cargo update as soon as possible.

We've published a security advisory covering the vulnerability in more detail. If you have any concerns and would like to reach out, the core team can be found on Zulip.

1 Like

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.