Skip to content

v0.6.1
Compare
Choose a tag to compare
@haydentherapper haydentherapper released this 04 Sep 20:06
· 161 commits to main since this release
v0.6.1
01e70e8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

v0.6.1 resolves a security advisory for a denial of service. See GHSA-cq38-jh5f-37mq for more information.

  • Add fuzz tests for bundle, tlog and verify packages by @AdamKorcz in #272
  • Add the ability to contruct TrustRoot from targets by @bkabrda in #247
  • add oss-fuzz build script by @AdamKorcz in #278
  • Fix proof of key possession generation by @adityasaky in #283
  • Add additional validation for nil elements in Bundles by @codysoyland in #285
  • Add hard limits for number of TSA entries, Tlog entries, and attestation subjects/digests by @codysoyland in #286

Full Changelog: v0.6.0...v0.6.1

Contributors

codysoyland, bkabrda, and 2 other contributors
Assets 2
Loading