I was wondering what Ulink version the recent attacks were carried out on? I saw that 1.5.6 is unable to connect with anything 1.5.5 or lower. 1.5.6 is a recent release which would explain the "incompatible Ulink version" error people have been getting from non-updated clients, pirated versions, etc. Did the attacks force the update to 1.5.6? Or did the new version have to be patched?
Does it matter?
There was a vulnerability in the version of the ulink library Rust was using; that vulnerability's been fixed. This is a good thing, because you could DOS Rust servers with 20kb/s of packet traffic.
So the patched Ulink won't be open to the public until the rest of the server files are?
If you're trying to use ulink for a different project or something, and you want the patched version so you don't have the same DOS problem, you should contact the ulink guys. I suppose you could contact the devs, but I don't know that they have any authorization to distribute the patched version.
"Fixed possible DoS vulnerabilities which can be exploited by sending specially crafted bad packets."
Woops, may have spoke too soon. That is from 1.5.6 so I'm guessing 1.5.5 was patched, either way, thanks!
Sorry, you need to Log In to post a reply to this thread.
