Skip to content

v7.4
Compare
Choose a tag to compare
@cjeker cjeker released this 15 Dec 17:15
· 130 commits to master since this release
7.4
fb0f8f1

This release includes the following changes to the previous release:

  • Added support for validating BGPsec Router Public Keys.
  • Fix issues with chunked transfer encoding in the RRDP HTTP client.
  • Cleanup and improvement of how IO is handled.
  • Improvements in the way X509 certificates are verified.
  • Make rpki-client more resilient regarding untrusted input:
    • Limit the allowed character set for filename listings on
      Manifests.
    • Limit the length of SIA URIs.
    • Limit the size of certain untrusted inputs.
    • Don't exit on failures to parse x509 objects.
    • Limit the size of objects retreived via RRDP or RSYNC.
    • Limit the number of FileAndHash entries on a manifest.
    • Constrain RRDP such that the delta/snapshot files must be hosted
      at the same host as the notification file.
Assets 5
Loading