1Copyright (c) 2014-2021 Yubico AB - See COPYING 2 3pam-u2f NEWS -- History of user-visible changes. -*- outline -*- 4 5* Version 1.2.0 (released 2021-09-22) 6** Added support for EdDSA keys. 7** Added support for SSH ed25519-sk keys. 8** Added authenticator filtering based on user verification options. 9** Fixed an issue with privilege restoration on MacOS. 10** Fixed an issue where credentials created with pamu2fcfg 1.0.8 or earlier 11were not handled correctly if their origin and appid differed. 12** Miscellaneous improvements to the documentation. 13** Miscellaneous minor bug fixes found by fuzzing. 14 15* Version 1.1.1 (released 2021-05-19) 16** Fix an issue where PIN authentication could be bypassed (CVE-2021-31924). 17** Fix an issue with nodetect and non-resident credentials. 18** Fix build issues with musl libc. 19** Add support for self-attestation in pamu2fcfg. 20** Fix minor bugs found by fuzzing. 21 22* Version 1.1.0 (released 2020-09-17) 23 ** Add support to FIDO2 (move from libu2f-host+libu2f-server to libfido2). 24 ** Add support to User Verification 25 ** Add support to PIN Verification 26 ** Add support to Resident Credentials 27 ** Add support to SSH credential format 28 29* Version 1.0.8 (released 2019-06-04) 30 ** Fix debug file descriptor leak CVE-2019-12210. 31 ** Fix insecure debug file handling CVE-2019-12209. 32 Both reported by Matthias Gerstner of the SUSE Security Team. 33 ** Fix a non-critical buffer oob access. 34 35* Version 1.0.7 (released 2018-05-15) 36 ** Add authpending_file to signal authentication activity 37 ** Add nodetect to skip to avoid unnecessary cue messages 38 39* Version 1.0.6 (released 2018-04-18) 40 ** Fix an issue when using syslog as a debug facility. 41 ** Do not honor cue if no sutable device is found. 42 43* Version 1.0.5 (released 2018-04-16) 44 ** General bugfixes and quality-of-life improvements. 45 46* Version 1.0.4 (released 2016-01-07) 47 ** Fixed possible permission escalation when using XDG_CONFIG_HOME. 48 49* Version 1.0.3 (released 2015-11-02) 50 ** Bugfix in pamu2fcfg. 51 ** Minor improvements for verbose mode in pamu2fcfg. 52 53* Version 1.0.2 (released 2015-10-06) 54 ** Changes to automake flags. 55 ** Improve build on OS X. 56 57* Version 1.0.1 (released 2015-06-18) 58 ** Minor changes to man pages and install hooks. 59 60* Version 1.0.0 (released 2015-06-17) 61 ** Use XDG_CONFIG_HOME as default for config files. 62 ** Added manual and interactive mode. 63 ** Added verbose mode. 64 65* Version 0.0.1 (released 2015-01-16) 66 ** Changed failure mode after authentication error. 67 ** Added call to setcred. 68 69* Version 0.0.0 (released 2014-12-16) 70 ** Initial release. 71