Version 1.4.6

Released on 2017-04-06.

This patch release fixes a serious issue where Ratpack's HTTP client would not validate connections to HTTPS servers correctly (#1181). The certificate's domain name was not validated against the used connection address, meaning that any connection would be trusted as long as it had a trusted certificate.

This fix will not be backported to Ratpack 1.3.x or earlier. It is strongly recommended that all Ratpack users upgrade to 1.4.6.

Please see the release notes for 1.4.0 for changes since 1.3.x.

Pull Requests (0)

Resolved Issues (2)