Skip to content

Sanitization 1.0.1

Choose a tag to compare

View all tags
@eldryoth eldryoth released this 09 Jun 20:35
· 7 commits to main since this release
v1.0.1
This tag was signed with the committer’s verified signature.
eldryoth
SSH Key Fingerprint: EoLRQ5k4J5pYz3UMFmkrV798gYFNkToGS2xEPvebqB4
Verified
Learn about vigilant mode.
1d59273
This commit was signed with the committer’s verified signature.
eldryoth
SSH Key Fingerprint: EoLRQ5k4J5pYz3UMFmkrV798gYFNkToGS2xEPvebqB4
Verified
Learn about vigilant mode.

sanitization 1.0.1

Security patch release from pentest follow-up.

  • Fixed SecretPool::try_allocate random-canary failure cleanup so slot bitmap release happens exactly once.
  • Fixed native LockedSecretBytes<N> and GuardedSecretVec random-canary failure paths to avoid leaking locked/guarded mappings on CSPRNG failure.
  • Clarified deterministic canary disclosure limits and documented the !Sync safety assumption for canary-failure clearing paths.
Assets 2
Loading
0 Join discussion