git.ipfire.org Git - thirdparty/FORT-validator.git/tag

Improvements since 1.6.2:

1.  780b9f7e092fe673: Update links to APNIC TALs
2.  #137: Update API usage for libxml2 2.12+
3.  #138: Add self-signed certificate signature validation
4.  #139, #141: Shuffle Manifest entries to complicate attacks relying
    on traversal order
5.  #143: Use HTTP compressed encoding when available
6.  5689dea5e878fed2: Prevent crash on malformed subjectPublicKey
7.  939d988551d17996: Prevent crash on malformed Key Usage
8.  b1eb3c507ae92085: Prevent crash on missing Authority Key Identifier
9.  4dafbd9de64a5a06: Prevent crash on missing signedAttrs
10. 942f921ba7244cdc: Prevent crash on missing eContent
11. 521b1a0db5041258: Prevent crash on BER-encoded signedAttrs

Thanks to @antecrescent for contributing 2, @job for 3-5, and @niklbird
and Haya Schulmann for researching and reporting 6-11.
-----BEGIN PGP SIGNATURE-----

iQJGBAABCgAwFiEEj5q8fvO6Vl+d8VeMchYP1XskKWcFAmbHbD4SHHlkYWhocmtA
Z21haWwuY29tAAoJEHIWD9V7JClng/IP/0gT/XsKN+QXNt1G/D1dLYlit244c45W
8uaeu2TskflDforrev3G8lOb8oZkUMjUB+4QjBgy9jm4N5qGNxXAHscsi8gSUyYz
Diik/jfnK6cmXzWgDoMhxMCzhXD5p/YuNBckzLK+P7HDGwXiOU8uXNY5GnLUfCtE
yoNSTHHR4ywlmvSjJnhwYyZkY+A5AYMa3gwqGuxFTX/LESe1mQ5tKJhgMADAS3uz
9yf1+j+gvdgMj8fSYMtmRppeQ1whRdJD3tZhpC2XA4XwcsrPb9pIqRX9PPlatCFF
pis6OVzctBMwa0x3SRVIjroCpbiGMS4N2LjpRvdbj5kS0+XCmcAh3YM14sjQcDnb
1CpztWjos2muEZNNussgG8GSElqFYzEJKC0Olmvk/3iZpwzM3wlgObuETVdmMv3c
xE27M834+i0LL6y57ay1B1C6XGAjg9Qn9DN+bdhO2ykyBUIL1njoHGRNbhfMJ48G
4veDbeQDR5QkFMN/CziipFQEgRK3VHlWW2bB6XTAFPO6aHqbhQTLcQ7nxK0UuVkb
hRQr9APngMnrEv2FmErKtl7CqgppgL992fx/nIsbRhhPaY/IhpMUHwraIQ47wOa6
k06b4WagA3+o2PKTUVN5yJwQPHkuOap3EUTUfeZMIxY2CQ3oEfySPBRKCDsf93Mn
5zYjHWIg9Iyp
=hUNa
-----END PGP SIGNATURE-----

object	554c5fa738791173dbf8261d68b4515708fc70ce	commit
author	Alberto Leiva Popper <ydahhrk@gmail.com>
	Thu, 22 Aug 2024 16:50:04 +0000 (10:50 -0600)