- Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
- anchor: Prefer persistent format when storing anchor [#329]
- common: Fix infloop in p11_path_build [#326, #327]
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
- common: Check for a NULL locale before freeing it [#321]
- Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
Assets
4
ueno
released this
0.23.20 (stable)
- Revert "Fix RPC when length-s are 0" changes [#276]
Assets
4
ueno
released this
- common: add Russian PKCS#11 extensions to pkcs11x.h header [#255]
- Add simple bash completion for provided commands [#258]
- Unbreak list matching in enable-in and disable-in [#262]
- Fix RPC when length-s are 0 [#259]
- rpc: Add vsock transport support [#270]
- trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [#265]
- Build fixes [#271, #272, #273, ...]
Assets
4
ueno
released this
- autotools: Add more files from meson build in distribution
Assets
4
ueno
released this
- rpc: Allow empty CK_DATE value [#253]
- build: Meson fixes [#245]
- build: Adjust feature parity between meson and autotools [#247]
NOTE: This version introduces symbol versioning. Once a dependent package is built with this p11-kit release, it cannot be linked with the prior versions of p11-kit.
Assets
4
ueno
released this
- common: Fix uClibc-ng compilation [#237]
- trust: do not allow daylight to invalidate date validation [#236]
- build: Port to meson build system [#231, #234]
- rpc: On UNIX wait on condition variable instead of FD if header is for a different thread [#232]
- doc: Add 'server' command in help [#229]
- Build and test fixes [#230]
Assets
4
ueno
released this
- tests: Avoid uninitialized value in test-proxy.c [#230]
Assets
4
ueno
released this
- proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified [#225]
- conf: Ignore user configuration if the program is running as root [#226]
- proxy: Refresh slot list on every C_GetSlotList call [#224]
- modules: Fix index used in call to p11_dict_remove() [#219]
- Fix Win32 p11_dl_error crash [#218]
- modules: check gl.modules before iterates on it when freeing [#217]
- trust: Ignore unreadable content in anchors [#215]
- extract-jks: Prefer _p11_extract_jks_timestamp to SOURCE_DATE_EPOCH [#213]
Assets
4
ueno
released this
- trust: Improve error handling if backed trust file is corrupted [#206]
- url: Prefer upper-case letters in hex characters when encoding [#193]
- trust/extract-jks.c: also honor SOURCE_DATE_EPOCH time [#202]
- virtual: Prefer fixed closures to libffi closures [#196]
- Fix issues spotted by coverity and cppcheck [#194, #204]
- Build and test fixes [#164, #191, #199, #201]