- Use inclusive language on certificate distrust. Note: This changes the directory and attribute names to distrust certain CAs to
"blocklist" [#324] - Fix issues spotted by coverity and ASan [#349, #351]
- Integrate gettext with tools more tightly [#358]
- rpc: Forbid use of array of attributes [#365, #367]
- Build fixes [#342, #344, #345, #353, #362, #364]
Assets
4
- 0.23.22
-
bd97afb -
Verified
This tag was signed with the committer’s verified signature.ueno Daiki Ueno
- Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
- anchor: Prefer persistent format when storing anchor [#329]
- common: Fix infloop in p11_path_build [#326, #327]
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
- common: Check for a NULL locale before freeing it [#321]
- Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
Assets
4
- common: add Russian PKCS#11 extensions to pkcs11x.h header [#255]
- Add simple bash completion for provided commands [#258]
- Unbreak list matching in enable-in and disable-in [#262]
- Fix RPC when length-s are 0 [#259]
- rpc: Add vsock transport support [#270]
- trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [#265]
- Build fixes [#271, #272, #273, ...]
Assets
4
- autotools: Add more files from meson build in distribution
Assets
4
- rpc: Allow empty CK_DATE value [#253]
- build: Meson fixes [#245]
- build: Adjust feature parity between meson and autotools [#247]
NOTE: This version introduces symbol versioning. Once a dependent package is built with this p11-kit release, it cannot be linked with the prior versions of p11-kit.
Assets
4
- common: Fix uClibc-ng compilation [#237]
- trust: do not allow daylight to invalidate date validation [#236]
- build: Port to meson build system [#231, #234]
- rpc: On UNIX wait on condition variable instead of FD if header is for a different thread [#232]
- doc: Add 'server' command in help [#229]
- Build and test fixes [#230]
Assets
4
- proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified [#225]
- conf: Ignore user configuration if the program is running as root [#226]
- proxy: Refresh slot list on every C_GetSlotList call [#224]
- modules: Fix index used in call to p11_dict_remove() [#219]
- Fix Win32 p11_dl_error crash [#218]
- modules: check gl.modules before iterates on it when freeing [#217]
- trust: Ignore unreadable content in anchors [#215]
- extract-jks: Prefer _p11_extract_jks_timestamp to SOURCE_DATE_EPOCH [#213]
Assets
4
PreviousNext