-
debian/1.6.7-1f70b4a52 · ·
fort-validator release 1.6.7-1 for unstable [dgit distro=debian split --quilt=gbp] [dgit please-upload source=fort-validator version=1.6.7-1 upstream-tag=1.6.7 upstream=6a60fabdda61040e7aa20a28bbdabef070495859]
-
1.6.4b0914e8c · ·
Improvements since 1.6.3: - #74, #147: Add `--rsync.transfer-timeout` - #144: Improve compliance with RFC 9589 - #146: Set default HTTP transfer timeout to 900 - df66990: Improve Key Usage validation more Thanks to Koen van Hove for reporting #74, and @job for pull-requesting #144, #146 and #147.
-
1.6.3554c5fa7 · ·
Improvements since 1.6.2: 1. 780b9f7e092fe673: Update links to APNIC TALs 2. #137: Update API usage for libxml2 2.12+ 3. #138: Add self-signed certificate signature validation 4. #139, #141: Shuffle Manifest entries to complicate attacks relying on traversal order 5. #143: Use HTTP compressed encoding when available 6. 5689dea5e878fed2: Prevent crash on malformed subjectPublicKey 7. 939d988551d17996: Prevent crash on malformed Key Usage 8. b1eb3c507ae92085: Prevent crash on missing Authority Key Identifier 9. 4dafbd9de64a5a06: Prevent crash on missing signedAttrs 10. 942f921ba7244cdc: Prevent crash on missing eContent 11. 521b1a0db5041258: Prevent crash on BER-encoded signedAttrs Thanks to @antecrescent for contributing 2, @job for 3-5, and @niklbird and Haya Schulmann for researching and reporting 6-11. -
1.6.2b00bec96 · ·
Improvements since 1.6.2: - #106: Fix header version for Code 4 Error PDUs. - 202e0fe34dc3c8dcb1a0ad12faa7f4d5a7c91b2d: Bind all --server.address addresses, not just the first that succeeds. (And also a few other tweaks to the bind algorithm.) - This changed --server.address's default value: [0] - 7846f008a288c3913d7c30f22781544cde84b0b3: Fix bad date management in the cache, which caused files to expire at incorrect timings. - Add `--mode=print`, an operation mode that Jsonifies an RPKI file into standard output: [1] - #111: Add rtrlib to the docker image. - #133: Restore the "now you can connect your routers" warning (for the time being). Also, the documentation now includes a roadmap: [2] Minor bugfixes: - 22785583f07a874e5a6dace27ca13b2d56e02e54, 1165270e73508b9fb3dfdc0294a5926d56679c75, cc17e139ab30cc1fcbcd3c06f5e32813027b1159, 17250cb7b77d443d5a8ce3957a280a2b230beedf: Improve libcrypto API usage - 6d7985b72fa3462d311aa9421e1342fcaa2deef6: Fix really bad usage of standard library function `strtol()`. [0] https://nicmx.github.io/FORT-validator/usage.html#--serveraddress [1] https://nicmx.github.io/FORT-validator/mode-print.html [2] https://nicmx.github.io/FORT-validator/intro-fort.html#roadmap
-
1.6.12cacd2c8 · ·
Improvements since 1.6.0: - #101: - Enhance portability of unit tests. - Disable misleading unit test error messages. - #102: Upgrade `autogen.sh` so the `configure` script can also be easily generated in OpenBSD and FreeBSD. - #103: - Remove useless logging messages during startup. - Stop printing logging severity (`INF`, `WRN`, `ERR`) in syslog. - 31414cd2ab6634c53a5ca31531674a82bf778d1c: Rephrase HTTP GET logs. - Remove false alarm error message at the end of validation cycle logs: > Cannot generate [rsync URL]'s cage. I'm probably going to end up > deleting it from the cache. - #104: Add `CACHEDIR.TAG` file to cache, to hint backup software not to synchronize it. (See https://bford.info/cachedir/) - ec918adeb0e641d41ee2571fd717cad139d939ad: Remove bug-induced Cache Resets during RTR communication. - 161c2af306d1e2ea87cfe540f1b69770ff84bd8d: Automatically clean up cache whenever Fort's version changes.