Skip to content

v1.0.19 — security housekeeping (2026-07-05)

Choose a tag to compare

@tcconnally tcconnally released this 05 Jul 23:47
a042c8d

Patch release shipping the 2026-07-05 review housekeeping follow-ups (#684).

  • Self-update fails closed — unattended (update.auto) refuses without a configured update.gpg_fingerprint; a set fingerprint enforces a matching, valid signature. --skip-signature-check still bypasses.
  • @perseus fences remote content as untrusted DATA (blocks prompt-injection from a hostile/compromised peer).
  • Webhook empty-secret fails closed (no silent unsigned delivery).
  • serve rejects a missing Host on loopback binds (DNS-rebinding).
  • Vault-connector CWD binary search gated behind PERSEUS_DEV_VAULT_BUILD=1 (CWE-427).

See docs/security-review-2026-07-05.md.