v0.9.5
This is a security release that fixes a logic flaw in decryption in TransportState (i.e. the stateful one), where the nonce could increase even when decryption failed, which can cause a desync between the sender and receiver, opening this up as a denial of service vector if the attacker has the ability to inject packets in the channel Noise is talking over.
More details can be found in the advisory: GHSA-7g9j-g5jg-3vv3
All users are encouraged to update.