File: NEWS

package info (click to toggle)
pam-u2f 1.0.8-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, sid
  • size: 1,764 kB
  • sloc: sh: 4,465; ansic: 1,672; makefile: 88
file content (46 lines) | stat: -rw-r--r-- 1,515 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
Copyright (c) 2014-2018 Yubico AB - See COPYING

pam-u2f NEWS -- History of user-visible changes.          -*- outline -*-

* Version 1.0.8 (released 2019-06-04)
 ** Fix debug file descriptor leak CVE-2019-12210.
 ** Fix insecure debug file handling CVE-2019-12209.
 Both reported by Matthias Gerstner of the SUSE Security Team.
 ** Fix a non-critical buffer oob access.

* Version 1.0.7 (released 2018-05-15)
 ** Add authpending_file to signal authentication activity
 ** Add nodetect to skip to avoid unnecessary cue messages

* Version 1.0.6 (released 2018-04-18)
 ** Fix an issue when using syslog as a debug facility.
 ** Do not honor cue if no sutable device is found.

* Version 1.0.5 (released 2018-04-16)
 ** General bugfixes and quality-of-life improvements.

* Version 1.0.4 (released 2016-01-07)
 ** Fixed possible permission escalation when using XDG_CONFIG_HOME.

* Version 1.0.3 (released 2015-11-02)
 ** Bugfix in pamu2fcfg.
 ** Minor improvements for verbose mode in pamu2fcfg.

* Version 1.0.2 (released 2015-10-06)
 ** Changes to automake flags.
 ** Improve build on OS X.

* Version 1.0.1 (released 2015-06-18)
 ** Minor changes to man pages and install hooks.

* Version 1.0.0 (released 2015-06-17)
 ** Use XDG_CONFIG_HOME as default for config files.
 ** Added manual and interactive mode.
 ** Added verbose mode.

* Version 0.0.1 (released 2015-01-16)
 ** Changed failure mode after authentication error.
 ** Added call to setcred.

* Version 0.0.0 (released 2014-12-16)
 ** Initial release.