SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libu2f-host0-1.1.10-150600.16.2.x86_64.rpm :

* Wed May 05 2021 paolo.peregoAATTsuse.com- Fix some compilation warnings about signedness in b64 routines- Fix some compilation warnings about unused variables- Using %autosetup macro
* Fri Aug 21 2020 malte.krausAATTsuse.com- Add support for json-c 0.14.0 (json-c-update.patch)
* Tue May 28 2019 kbabiochAATTsuse.de- Added libu2f-host-CVE-2019-9578.patch: Fixed fix filling out of initresp (CVE-2019-9578 bsc#1128140)
* Tue May 28 2019 kbabiochAATTsuse.de- Version 1.1.10 (released 2019-05-15) - Add new devices to udev rules. - Fix a potentially uninitialized buffer (CVE-2019-9578, bsc#1128140)
* Wed Mar 06 2019 kbabiochAATTsuse.de- Version 1.1.9 (released 2019-03-06) - Fix CID copying from the init response, which broke compatibility with some devices.
* Tue Mar 05 2019 kbabiochAATTsuse.de- Version 1.1.8 (released 2019-03-05) - Add udev rules - Drop 70-old-u2f.rules and use 70-u2f.rules for everything - Use a random nonce for setting up CID to prevent fingerprinting - CVE-2019-9578: Parse the response to init in a more stable way to prevent leakage of uninitialized stack memory back to the device (bnc#1128140). - removed libu2f-host-CVE-2019-9578.patch (upstream)
* Fri Feb 08 2019 kbabiochAATTsuse.de- Added libu2f-host-CVE-2018-20340.patch: Fixed an unchecked buffer, which could allow a buffer overflow with a custom made malicious USB device (bsc#1124781 CVE-2018-20340).
* Fri Feb 08 2019 kbabiochAATTsuse.de- Version 1.1.7 (released 2019-01-08) - Fix for trusting length from deivce in device init. - Fix for buffer overflow when receiving data from device. (YSA-2019-01, CVE-2018-20340, bsc#1124781) - Add udev rules for some new devices. - removed libu2f-host-CVE-2018-20340.patch (upstream)- Using %license macro- Applied spec-cleaner
* Tue May 15 2018 kbabiochAATTsuse.com- Version 1.1.6 (released 2018-05-15) - Change waiting logic on authenticate to allow for faster feedback.- Version 1.1.5 (released 2018-03-07) - Fix refcount when adding json_objects. - Handle fido2 keepalive. - Add udev rules for more devices.
* Wed Sep 13 2017 kkaempfAATTsuse.com- Version 1.1.4 (released 2017-09-01) - Added more u2f devices to the udev rulesets. - Increase buffer size, allowing for bigger certificates. - Add u2f.conf.sample for FreeBSD permission handling.
* Wed Oct 12 2016 t.grunerAATTkatodev.de- Version 1.1.3 (released 2016-10-04) - Added more u2f devices to the udev rulesets. - Fixup mac builds.- Version 1.1.2 (released 2016-06-22) - Make authenticate return U2FH_OK if touch is set to not needed. Also minor fixes to error output of authenticate. - Documentation fixes. - Compilation fixes on visual studio. - Add udev rules for Feitian devices. - Add optional cmake build. - Change license of the commandline tool to LGPL 2.1+- remove udev.patch
* Thu May 19 2016 t.grunerAATTkatodev.de- Add buildrequirement for libudev to select the rule for udev.- Add udev directories in %files- Add udev rule for Feitian ePass FIDO (udev.patch)- Change License for the library
* Wed Mar 23 2016 jengelhAATTinai.de- Avoid undesired blank lines at start of descriptions. Expand description. Trim filelist.
* Mon Mar 21 2016 t.grunerAATTkatodev.de- Version 1.1.1 (released 2016-03-14) - Use correct index in u2fh_devs_discover() - Fix an issue where we left the authenticate loop early. - Fix an issue where authenticate remembered which devices to skip. - Stop validating the scheme of the origin. - Fixup a crash in u2fh_devs_discover() with closing unplugged devices. - Documentation fixes.
* Thu Feb 18 2016 t.grunerAATTkatodev.de- Version 1.1.0 (released 2016-02-15) - Add udev rules for more devices. - Don’t return success when no data is received. - Fix typos. - Make send_apdu send data like chrome does. - Don’t release json object that we don’t own no more. - Don’t do memcmp on uninitialized memory. - Add u2fh_authenticate2() and u2fh_register2(). - Remove base64 padding (required by spec). - Use unsigned ints to prevent buffer overflows.
* Tue Oct 06 2015 t.grunerAATTkatodev.de- Remove fix in u2f-host/u2f-host.h- Cleanup .spec file
* Fri Sep 04 2015 t.grunerAATTkatodev.de- Fix path in u2f-host/u2f-host.h
* Tue Sep 01 2015 t.grunerAATTkatodev.de- Version 1.0.0 (released 2015-08-27) - Add udev rules for older version of udev. - Add pam:// as an allowed protocol. - Stop using sleep(), use Sleep() on windows and usleep() on others. - Fixup tool name in help and manpage. - Add a timeout to the register and authenticate actions.
* Fri Jan 23 2015 t.grunerAATTkatodev.de- Version 0.0.4 (released 2015-01-22) - Add an exponential growing timeout for slow devices (PlugUp).
* Thu Jan 08 2015 t.grunerAATTkatodev.de- Version 0.0.3 (released 2015-01-08) - Change license to LGPLv2+ for the library. - Some improvements to internal communication code. - Some debug mode improvements, from Bram Vandoren.
* Tue Dec 09 2014 t.grunerAATTkatodev.de- Version 0.0.2 (released 2014-11-28) - Add more devices to udev.
* Tue Oct 28 2014 t.grunerAATTkatodev.de- Version 0.0 (released 2014-09-16) - Initial release.
 
ICM