Releases: embedthis/goahead
v6.1.0
GoAhead v6.1.0 Release Notes
Release Date: November 3, 2025
Overview
GoAhead v6.1.0 is a significant maintenance release focused on security hardening, testing infrastructure modernization, and platform compatibility improvements. This release includes comprehensive security enhancements, migration to the TestMe testing framework, and numerous bug fixes across multiple platforms.
What's New
Testing Infrastructure Modernization
The most significant change in this release is the complete migration to the TestMe testing framework:
- Complete Framework Migration: Transitioned from legacy test system to modern TestMe framework
- Enhanced Test Coverage: Updated all unit tests for compatibility with new infrastructure
- Improved Reliability: Better test isolation and more reliable test execution
- Platform Support: Enhanced cross-platform testing on Linux, macOS, and Windows
Security Enhancements
This release includes extensive security improvements:
-
TLS/SSL Hardening:
- Disabled TLS renegotiation by default
- Set minimum OpenSSL protocol version
- Completely removed SSL2 support
- Enhanced certificate verification in MbedTLS
- Added default SSL certificate paths
-
Authentication & Cryptography:
- Implemented constant-time password comparison to prevent timing attacks
- Added Blowfish password integration for stronger password hashing
- Improved session ID generation using cryptographically random data
- Enhanced secret generation using random data
-
Code Hardening:
- Added recursion protection to JavaScript engine
- Hardened snprintf usage throughout codebase
- Implemented safe string operations
- Added OpenSSL control macros
Fixed Issues
Security Fixes
- CVE Mitigations:
- Fixed potential buffer overflow in
getAbsolutePath - Fixed CGI command line null padding vulnerability
- Fixed
websEncode64Blockfor proper binary data handling - Fixed digest authentication issues after security improvements
- Fixed potential buffer overflow in
Platform-Specific Fixes
-
Linux:
- Fixed ARM architecture support
- Improved build system compatibility
-
Windows:
- Fixed CGI implementation to ensure temp files are created securely
- Enhanced Windows build system
Protocol & Functionality Fixes
- Fixed HTTP header parsing to properly tolerate whitespace
- Multiple CI/CD pipeline improvements and stability fixes
Improvements
Build System
- Updated and improved Makefiles for better cross-platform support
- Enhanced packaging infrastructure
- Improved build configuration and dependency management
Code Quality
- Comprehensive code formatting standardization using uncrustify
- Added security-related code comments and documentation
- Enhanced error handling and validation
Documentation
- Updated README with current information
- Added AI context files for development assistance
- Enhanced security documentation
- Improved general documentation formatting
Development Infrastructure
- Updated Embedthis Updater library integration
- Added comprehensive CI/CD testing
- Improved build automation
Compatibility
Breaking Changes
None. This is a backwards-compatible release.
Deprecations
None.
Platform Support
- Linux: All major distributions (x86, x64, ARM)
- macOS: macOS 10.12+
- Windows: Windows 10+, Visual Studio 2019+
- Embedded: VxWorks, FreeRTOS
Dependencies
- OpenSSL 1.1+ or MbedTLS 2.x
- Standard C compiler (GCC, Clang, MSVC)
- Make or MakeMe build tool
- TestMe for running unit tests
Migration Guide
Upgrading from 6.0.x
No special migration steps required. This is a drop-in replacement for 6.0.x versions.
Configuration Changes
No configuration file changes required. Existing configurations will continue to work.
API Changes
No API changes. All existing APIs remain compatible.
Known Issues
None reported.
Security Advisories
This release addresses multiple security improvements identified during comprehensive security audit. While no specific CVEs were assigned, the following areas received hardening:
- Buffer overflow protection
- Timing attack prevention
- TLS/SSL configuration hardening
- Password storage improvements
- Random number generation
Testing
All unit tests pass on supported platforms:
- Linux (x86_64, ARM)
- macOS (Intel, Apple Silicon)
- Windows (x64)
Acknowledgments
Special thanks to the Embedthis team for the comprehensive security audit and testing infrastructure improvements.
Getting the Release
Source Code
- GitHub: https://github.com/embedthis/goahead/releases/tag/v6.1.0
- Direct Download: https://www.embedthis.com/goahead/download.html
Binary Packages
Binary packages are available for download from the Embedthis website:
Support
Commercial Support
Commercial support and licenses are available from:
Community Support
- GitHub Issues: https://github.com/embedthis/goahead/issues
- Documentation: https://www.embedthis.com/goahead/doc/
- Email: dev@embedthis.com
Security Issues
Please report security issues to: security@embedthis.com
What's Next
GoAhead is in maintenance mode. Future releases will focus on:
- Security updates (active)
- Critical bug fixes (as needed)
- Platform compatibility updates (as needed)
For new projects, consider the Ioto Device Agent, which provides modern IoT device management capabilities.
Commit Statistics
- 77 commits since v6.0.4
- Contributors: Embedthis development team
- Files changed: Multiple modules affected
- Focus areas: Security (40%), Testing (30%), Documentation (15%), Fixes (15%)
Full Changelog: v6.0.4...v6.1.0
v6.0.5
Minor Patch Release
This release incorporates the result of an extensive security audit using static tools, fuzzing and AI supported scanning.
While no security issues with relevant risk were discovered, the update tightens the code in many places.
Recommended Action
- Optional Upgrade -- Upgrade only if convenient
- Recommended Upgrade -- Upgrade recommended but not essential
- Essential Upgrade -- All users strongly advised to upgrade
Features
- Extensive documentation updates.
Fixes
- Harden NULL tolerance
- Extend integer overflow protection
- Replace string APIs with mpr alternatives and safe string APIs
- Update openssl configuration
- Improve URL character validation
- Cleanup some debug log trace
See
v6.0.4
Minor Patch Release
Recommended Action
- Optional Upgrade -- Upgrade only if convenient
- Recommended Upgrade -- Upgrade recommended but not essential
- Essential Upgrade -- All users strongly advised to upgrade
Features
- Add GPL open source license option
Fixes
- Update osdep
- Fix old github link references