Skip to content

v1.2.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 25 May 05:34
v1.2.0
09bd647
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Warning

Security release. Fixes a critical XMLDSig verification gap where Relyra 1.0.0 and 1.1.0 could accept forged SAML signatures (authentication bypass). 1.2.0 verifies the canonicalized SignedInfo with :public_key.verify, recomputes DigestValue in constant time on the consumed node, and applies the same guarantee to both response and metadata-root verification paths.

Advisory: GHSA-jv46-xfwm-36j7 (Critical, CVSS 9.1, CWE-347/287). Upgrade immediately; there is no safe configuration of 1.0.0/1.1.0.

1.2.0 (2026-05-25)

Features

  • 28-01: implement SaxyTree handler with ns stack + 3 normalizations (8738532)
  • 28-02: enveloped-sig transform pruning + PrefixList forced render + transform allowlist (ae9f16f)
  • 28-02: implement exclusive C14N 1.0 serialization core (b666926)
  • 28-03: bind exact tree node + delegate canonicalize/2 to the C14N engine (5565df5)
  • 28-03: route parse_safely onto the saxy tree, retire regex extractors (915d460)
  • 29-01: add ordered content field to SaxyTree.Node (D-09) (4411f91)
  • 29-02: add AlgorithmPolicy.digest_atom_for_signature_method/1 (RSA→atom, ECDSA fail-closed) (e63216e)
  • 29-02: surface D-02 fields (SignedInfo node, base64 Digest/SignatureValue) per candidate (5d1cfc9)
  • 29-03: wire real XMLDSig crypto into the [candidate] arm (D-01) (2e45689)
  • 29-04: build genuine XMLDSig test-signer (D-11) (c45864f)
  • 29-05: add metadata-root signed-candidates producer in pure_beam (502417f)
  • 29-05: rewire metadata pre-parse onto tree builder + prove SIGV-04 (6d4931e)
  • 30-01: delegate FakeIdP.sign to genuine signer + expose trust cert (D-01/D-03) (18f5bd8)
  • 30-03: add c14n-differential rejection row to security corpus (c7ec6a2)

Bug Fixes

  • 28-03: correct prot-unsigned-001 expectation to missing_protocol_field (63c5ca5)
  • 29-01: walk content in document order in C14N.render_element/3 (D-09) (8052658)
  • 29: close metadata trust bypass (CR-01) and pin over DER (CR-02) (8910200)
  • 29: thread cert_chain in plan 03 + add existing-test triage task to plan 04 (13094ef)
  • 29: tolerate line-wrapped base64 in Signature/DigestValue (WR-01) (ef44482)
  • 30-01: reconcile FakeIdP response_xml shape for genuine signing (D-02) (f9047fe)
  • 30-04: make ci.security honestly gate every security suite (cmd mix test per line) (8a144ed)
  • 30: harden ci.security meta-gate (AST parse, tag anchor, corpus_gate coverage) (07f4727)
  • deps: bump postgrex/plug/phoenix for CVEs; ignore unreachable decimal advisory (520d713)
Assets 2
Loading