forked from Yubico/pam-u2f
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
79 lines (62 loc) · 2.88 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
Copyright (c) 2014-2022 Yubico AB - See COPYING
pam-u2f NEWS -- History of user-visible changes. -*- outline -*-
* Version 1.2.2 (unreleased)
* Version 1.2.1 (released 2022-05-11)
** Fixed an issue where native credentials could be truncated, resulting in
failure to authenticate or successful authentication with missing options.
** Stricter parsing of sshformat credentials.
** pamu2fcfg now allows a combination of the --username and --nouser options.
** Improved documentation on FIDO2 options.
* Version 1.2.0 (released 2021-09-22)
** Added support for EdDSA keys.
** Added support for SSH ed25519-sk keys.
** Added authenticator filtering based on user verification options.
** Fixed an issue with privilege restoration on MacOS.
** Fixed an issue where credentials created with pamu2fcfg 1.0.8 or earlier
were not handled correctly if their origin and appid differed.
** Miscellaneous improvements to the documentation.
** Miscellaneous minor bug fixes found by fuzzing.
* Version 1.1.1 (released 2021-05-19)
** Fix an issue where PIN authentication could be bypassed (CVE-2021-31924).
** Fix an issue with nodetect and non-resident credentials.
** Fix build issues with musl libc.
** Add support for self-attestation in pamu2fcfg.
** Fix minor bugs found by fuzzing.
* Version 1.1.0 (released 2020-09-17)
** Add support to FIDO2 (move from libu2f-host+libu2f-server to libfido2).
** Add support to User Verification
** Add support to PIN Verification
** Add support to Resident Credentials
** Add support to SSH credential format
* Version 1.0.8 (released 2019-06-04)
** Fix debug file descriptor leak CVE-2019-12210.
** Fix insecure debug file handling CVE-2019-12209.
Both reported by Matthias Gerstner of the SUSE Security Team.
** Fix a non-critical buffer oob access.
* Version 1.0.7 (released 2018-05-15)
** Add authpending_file to signal authentication activity
** Add nodetect to skip to avoid unnecessary cue messages
* Version 1.0.6 (released 2018-04-18)
** Fix an issue when using syslog as a debug facility.
** Do not honor cue if no sutable device is found.
* Version 1.0.5 (released 2018-04-16)
** General bugfixes and quality-of-life improvements.
* Version 1.0.4 (released 2016-01-07)
** Fixed possible permission escalation when using XDG_CONFIG_HOME.
* Version 1.0.3 (released 2015-11-02)
** Bugfix in pamu2fcfg.
** Minor improvements for verbose mode in pamu2fcfg.
* Version 1.0.2 (released 2015-10-06)
** Changes to automake flags.
** Improve build on OS X.
* Version 1.0.1 (released 2015-06-18)
** Minor changes to man pages and install hooks.
* Version 1.0.0 (released 2015-06-17)
** Use XDG_CONFIG_HOME as default for config files.
** Added manual and interactive mode.
** Added verbose mode.
* Version 0.0.1 (released 2015-01-16)
** Changed failure mode after authentication error.
** Added call to setcred.
* Version 0.0.0 (released 2014-12-16)
** Initial release.