|
1 | 1 | == Version 1.6.4 == |
2 | 2 |
|
3 | | -- Changed dependency declarations to version ranges |
4 | | -- Bumped Guava dependency to version [24.1.1,30) in response to CVE-2018-10237 |
| 3 | +* Changed dependency declarations to version ranges |
| 4 | +* Bumped Guava dependency to version [24.1.1,30) in response to CVE-2018-10237 |
5 | 5 |
|
6 | 6 |
|
7 | 7 | == Version 1.6.3 == |
8 | 8 |
|
9 | 9 | webauthn-server-attestation: |
10 | 10 |
|
11 | | -- Added new YubiKey AAGUIDs to metadata.json |
| 11 | +* Added new YubiKey AAGUIDs to metadata.json |
12 | 12 |
|
13 | 13 |
|
14 | 14 | webauthn-server-core: |
15 | 15 |
|
16 | | -- Bumped Jackson dependency to version 2.11.0 in response to CVEs: |
17 | | - - CVE-2020-9546 |
18 | | - - CVE-2020-10672 |
19 | | - - CVE-2020-10969 |
20 | | - - CVE-2020-11620 |
21 | | -- Fixed incorrect JavaDoc on AssertionResult.isSignatureCounterValid(): it will |
| 16 | +* Bumped Jackson dependency to version 2.11.0 in response to CVEs: |
| 17 | + ** CVE-2020-9546 |
| 18 | + ** CVE-2020-10672 |
| 19 | + ** CVE-2020-10969 |
| 20 | + ** CVE-2020-11620 |
| 21 | +* Fixed incorrect JavaDoc on AssertionResult.isSignatureCounterValid(): it will |
22 | 22 | also return true if both counters are zero. |
23 | 23 |
|
24 | 24 |
|
25 | 25 | == Version 1.6.2 == |
26 | 26 |
|
27 | | -- Fixed dependencies missing from release POM metadata |
| 27 | +* Fixed dependencies missing from release POM metadata |
28 | 28 |
|
29 | 29 |
|
30 | 30 | == Version 1.6.1 == |
31 | 31 |
|
32 | 32 | Security fixes: |
33 | 33 |
|
34 | | -- Bumped Jackson dependency to version 2.9.10.3 in response to CVE-2019-20330 |
| 34 | +* Bumped Jackson dependency to version 2.9.10.3 in response to CVE-2019-20330 |
35 | 35 | and CVE-2020-8840 |
36 | 36 |
|
37 | 37 |
|
38 | 38 | == Version 1.6.0 == |
39 | 39 |
|
40 | 40 | Security fixes: |
41 | 41 |
|
42 | | -- Bumped Jackson dependency to version 2.9.10.1 which has patched CVE-2019-16942 |
| 42 | +* Bumped Jackson dependency to version 2.9.10.1 which has patched CVE-2019-16942 |
43 | 43 |
|
44 | 44 | `webauthn-server-core`: |
45 | 45 |
|
46 | 46 | Bug fixes: |
47 | 47 |
|
48 | | -- Fixed bug introduced in 1.4.0, which caused |
| 48 | +* Fixed bug introduced in 1.4.0, which caused |
49 | 49 | `RegistrationResult.attestationMetadata` to always be empty. |
50 | 50 |
|
51 | 51 |
|
52 | 52 | `webauthn-server-attestation`: |
53 | 53 |
|
54 | | -- New enum constant `Transport.LIGHTNING` |
55 | | -- Fixed transports field of YubiKey NEO/NEO-n in `metadata.json`. |
56 | | -- Added YubiKey 5Ci to `metadata.json`. |
57 | | -- Most `deviceUrl` fields in `metadata.json` changed to point to stable |
| 54 | +* New enum constant `Transport.LIGHTNING` |
| 55 | +* Fixed transports field of YubiKey NEO/NEO-n in `metadata.json`. |
| 56 | +* Added YubiKey 5Ci to `metadata.json`. |
| 57 | +* Most `deviceUrl` fields in `metadata.json` changed to point to stable |
58 | 58 | addresses in Yubico knowledge base instead of dead redirects in store. |
59 | 59 |
|
60 | 60 |
|
|
0 commit comments