Skip to content

2.0.5 “Lady Stardust” security release

Latest
Latest
Compare
Choose a tag to compare
@omar-polo omar-polo released this 11 Jun 08:33
· 37 commits to master since this release
2.0.5
This tag was signed with the committer’s verified signature.
omar-polo Omar Polo
SSH Key Fingerprint: GJMtbJHMtgpZz4GQL7Zx2af3b4jMSZBcPhXfQtWtWd4 Learn about vigilant mode.
cb384f4

signify(1) public key for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

This release fixes a logic error that cane result in a DoS; therefore is a strongly recommended update for all users. It is safe to update from any version of the 2.0.x series since there were no breaking changes.

  • allow again empty lines at the start of the configuration.
  • change how strnvis(3) is handled: on systems with the broken interface gmid will just use its own built-in version.
  • reject requests with NUL bytes in them.
  • don't error on a .. component at the start of the path.
Assets 6
Loading