A platform for building proxies to bypass network restrictions.
v5.1.0 User Preview
v5.0.8 Developer Preview
This might be the last Developer Preview of V2Ray V5. We will soon begin to release User Preview that are signed and marked as stable. This User Preview will suitable for users to start using v5 version of V2Ray, and user facing config will be more stable than Developer Preview. The version number for that release will be v5.1.0, and then increase middle version number for each regular update, then a minor version increase for minor patches.
For testing purpose, this v5.0.8 version might be signed as well.
This is a pre-release version of V2Ray intended for developer preview. Users are not advised to use this version right now. Contributors are encouraged to send pull requests to the V5 version of the codebase. This release note is being edited to reflect all significant changes made to the codebase, please contact us if you think something is missing. Most new features are currently undocumented. The documents will be updated over time.
This release includes security enhancement for all users.
This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.
此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。
Edit: Fixed a typo. Last version of this document withdrawn.
This release have with withdrawn.
This release includes security enhancement for all users.
This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.
此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。
Edit: Fixed a typo. Last version of this document withdrawn.
v5.0.5 Developer Preview
This is a pre-release version of V2Ray intended for developer preview. Users are not advised to use this version right now. Contributors are encouraged to send pull requests to the V5 version of the codebase. This release note is being edited to reflect all significant changes made to the codebase, please contact us if you think something is missing. Most new features are currently undocumented. The documents will be updated over time.
Fix TLS Client Certificate Verify setting is not applied. Most users do not use this feature in V5.
TLS Certificates are required to have usage set to AUTHORITY_VERIFY, or AUTHORITY_VERIFY_CLIENT to be recognized as respective CA.
v5.0.5 Developer Preview
This is a pre-release version of V2Ray intended for developer preview. Users are not advised to use this version right now. Contributors are encouraged to send pull requests to the V5 version of the codebase. This release note is being edited to reflect all significant changes made to the codebase, please contact us if you think something is missing. Most new features are currently undocumented. The documents will be updated over time.