• Bug fix: in certain circumstances we saw std::io::Write::write_vectored implementations that reported writing more bytes than were available, in violation of that method's invariants. This seems to happen on macOS with certain VPN software active. Now we detect and return an error from write_tls calls in this case. See #2316.
• Admit support for a wider set of SignatureSchemes in TLS1.3, so that external providers may support ED448, post-quantum signatures, and others. See #2420.

What's Changed

• Upgrade to hickory-resolver 0.25 by @djc in #2387
• Pin cargo-hack@0.6.33 for now by @ctz in #2389
• Revert "Pin cargo-hack@0.6.33 for now" by @ctz in #2390
• chore(deps): lock file maintenance by @renovate-bot in #2404
• Cargo: update aws-lc-fips-sys 0.13.4 -> 0.13.5 by @cpu in #2409
• chore(deps): update rust crate zlib-rs to 0.5 by @renovate-bot in #2407
• chore(deps): update dependency go to v1.24.2 by @renovate-bot in #2410
• chore: fix some typos by @xixishidibei in #2411
• Add cargo deny check in CI by @djc in #2412
• build(deps): bump openssl from 0.10.71 to 0.10.72 by @dependabot in #2413
• Take semver-compatible updates by @ctz in #2415
• Use tlswg name for draft-kwiatkowski-tls-ecdhe-mlkem by @ctz in #2418
• Invert working of SignatureScheme::supported_in_tls13 by @ctz in #2420
• Reduce use of library internals in tests by @ctz in #2421
• 0.23.26: Detect and error on faulty io::Write::write_vectored by @ctz in #2422

New Contributors

• @xixishidibei made their first contribution in #2411

Full Changelog: v/0.23.25...v/0.23.26