
v0.5.1 — Security Patch


@qhkm released this 23 Feb 04:12

Security Fix

SSRF guard bypass via IPv6-to-IPv4 transition addresses (GHSA-j8q9-r9pq-2hh9)

The web_fetch tool's SSRF protection could be bypassed using IPv6-to-IPv4 transition addresses that embed private IPv4 addresses. An attacker could reach internal services (including cloud metadata endpoints like 169.254.169.254) via addresses such as:

  • ::ffff:127.0.0.1 (IPv4-mapped)
  • 64:ff9b::169.254.169.254 (NAT64)
  • 2002:7f00:0001:: (6to4)
  • 2001:0000::80ff:fefe (Teredo)
  • ::5efe:10.0.0.1 (ISATAP)

Fix

is_private_or_local_ipv6() now extracts the embedded IPv4 address from all 6 transition address types and validates it against the existing IPv4 private/local checks, so an address is rejected whenever the IPv4 it carries would have been rejected.
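The following is an illustrative Rust implementation of that hardened check, added here as an example; it is not zeptoclaw's own code. It decodes the five transition forms listed above, treats the deprecated IPv4-compatible form (::a.b.c.d) as an assumed sixth, and uses the standard library's IPv4 classifications as a stand-in for the project's existing IPv4 private/local checks.

```rust
use std::net::{Ipv4Addr, Ipv6Addr};

// Stand-in for the existing IPv4 policy (assumed: std classifications,
// not zeptoclaw's real check).
fn is_private_or_local_ipv4(ip: Ipv4Addr) -> bool {
    ip.is_private()            // 10/8, 172.16/12, 192.168/16
        || ip.is_loopback()    // 127/8
        || ip.is_link_local()  // 169.254/16, includes the 169.254.169.254 metadata endpoint
        || ip.is_unspecified() // 0.0.0.0
        || ip.is_broadcast()   // 255.255.255.255
}

// Pull the embedded IPv4 out of the transition formats listed in the advisory.
// IPv4-compatible (::a.b.c.d) is assumed to be the unnamed sixth form.
fn embedded_ipv4(ip: &Ipv6Addr) -> Option<Ipv4Addr> {
    let v4 = |hi: u16, lo: u16| Ipv4Addr::from(((hi as u32) << 16) | lo as u32);
    match ip.segments() {
        [0, 0, 0, 0, 0, 0xffff, hi, lo] => Some(v4(hi, lo)),      // IPv4-mapped ::ffff:a.b.c.d
        [0x64, 0xff9b, 0, 0, 0, 0, hi, lo] => Some(v4(hi, lo)),   // NAT64 well-known prefix 64:ff9b::/96
        [0x2002, hi, lo, ..] => Some(v4(hi, lo)),                 // 6to4 2002:WWXX:YYZZ::/48
        [0x2001, 0, .., hi, lo] => Some(v4(!hi, !lo)),            // Teredo 2001::/32, client IPv4 stored inverted
        [.., u, 0x5efe, hi, lo] if (u & !0x0200) == 0 => Some(v4(hi, lo)), // ISATAP ::[2]00:5efe:a.b.c.d
        [0, 0, 0, 0, 0, 0, hi, lo] if hi != 0 || lo > 1 => Some(v4(hi, lo)), // IPv4-compatible; skips :: and ::1
        _ => None,
    }
}

// Hardened check: reject addresses that are local themselves or that embed
// an IPv4 the IPv4 policy rejects (closes the bypass described above).
pub fn is_private_or_local_ipv6(ip: &Ipv6Addr) -> bool {
    let s = ip.segments();
    ip.is_loopback()
        || ip.is_unspecified()
        || (s[0] & 0xfe00) == 0xfc00 // fc00::/7 unique local
        || (s[0] & 0xffc0) == 0xfe80 // fe80::/10 link local
        || embedded_ipv4(ip).map_or(false, is_private_or_local_ipv4)
}

fn main() {
    // The advisory's five bypass addresses plus one documentation-range address.
    for a in ["::ffff:127.0.0.1", "64:ff9b::169.254.169.254", "2002:7f00:0001::",
              "2001:0000::80ff:fefe", "::5efe:10.0.0.1", "2001:db8::1"] {
        let ip: Ipv6Addr = a.parse().unwrap();
        println!("{a:<26} blocked={}", is_private_or_local_ipv6(&ip));
    }
}
```

Note that the Teredo client address is bit-inverted in the wire format, so 2001:0000::80ff:fefe decodes to 127.0.1.1; a check that compared the raw trailing bits against the IPv4 policy would miss it.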

Upgrade

All users of web_fetch should upgrade to v0.5.1.

cargo install zeptoclaw@0.5.1

Credit

Reported by @zpbrent

What's Changed

  • feat: gateway security — sliding-window rate limiter + idempotency store by @qhkm in #95
  • feat: operational tooling — doctor, daemon, health registry by @qhkm in #97
  • feat: memory improvements — hygiene scheduler + snapshot export/import by @qhkm in #99
  • feat: skill discovery via GitHub source + CLI search/install by @qhkm in #102
  • fix: SSRF guard bypass via IPv6-to-IPv4 transition addresses by @qhkm in #105

Full Changelog: v0.5.0...v0.5.1