Skip to content

v2.6.7
Compare
Choose a tag to compare
@opi opi released this 18 May 07:16
debian/2.6.7
37c0980

Emergency security release

  • [fix] uses a cryptographically secure source of randomness
  • [fix] Use hmac_sha512 instead of md5 for cookie hashing. Don't store the key in token anymore (#80)
  • [fix] don't include ip in token
  • Quick fix for CDA security issue

Thanks to @sidddy @Psycojoker for their work

Assets 2