Copyright (c) 2014-2023 Yubico AB - See COPYING
pam-u2f NEWS — History of user-visible changes. -- outline --
Version 1.3.1 (unreleased)
Version 1.3.0 (released 2023-03-14)
Add sanity checking of UV options to pamu2fcfg.
Add support for username expansion in the authfile path.
Improvements to the documentation.
Version 1.2.1 (released 2022-05-11)
Fixed an issue where native credentials could be truncated, resulting in failure to authenticate or successful authentication with missing options.
Stricter parsing of sshformat credentials.
pamu2fcfg now allows a combination of the --username and --nouser options.
Improved documentation on FIDO2 options.
Version 1.2.0 (released 2021-09-22)
Added support for EdDSA keys.
Added support for SSH ed25519-sk keys.
Added authenticator filtering based on user verification options.
Fixed an issue with privilege restoration on MacOS.
Fixed an issue where credentials created with pamu2fcfg 1.0.8 or earlier were not handled correctly if their origin and appid differed.
Miscellaneous improvements to the documentation.
Miscellaneous minor bug fixes found by fuzzing.
Version 1.1.1 (released 2021-05-19)
Fix an issue where PIN authentication could be bypassed (CVE-2021-31924).
Fix an issue with nodetect and non-resident credentials.
Fix build issues with musl libc.
Add support for self-attestation in pamu2fcfg.
Fix minor bugs found by fuzzing.
Version 1.1.0 (released 2020-09-17)
Add support to FIDO2 (move from libu2f-host+libu2f-server to libfido2).
Add support to User Verification
Add support to PIN Verification
Add support to Resident Credentials
Add support to SSH credential format
Version 1.0.8 (released 2019-06-04)
Fix debug file descriptor leak CVE-2019-12210.
Fix insecure debug file handling CVE-2019-12209. Both reported by Matthias Gerstner of the SUSE Security Team.
Fix a non-critical buffer oob access.
Version 1.0.7 (released 2018-05-15)
Add authpending_file to signal authentication activity
Add nodetect to skip to avoid unnecessary cue messages
Version 1.0.6 (released 2018-04-18)
Fix an issue when using syslog as a debug facility.
Do not honor cue if no sutable device is found.
Version 1.0.5 (released 2018-04-16)
General bugfixes and quality-of-life improvements.
Version 1.0.4 (released 2016-01-07)
Fixed possible permission escalation when using XDG_CONFIG_HOME.
Version 1.0.3 (released 2015-11-02)
Bugfix in pamu2fcfg.
Minor improvements for verbose mode in pamu2fcfg.
Version 1.0.2 (released 2015-10-06)
Changes to automake flags.
Improve build on OS X.
Version 1.0.1 (released 2015-06-18)
Minor changes to man pages and install hooks.
Version 1.0.0 (released 2015-06-17)
Use XDG_CONFIG_HOME as default for config files.
Added manual and interactive mode.
Added verbose mode.
Version 0.0.1 (released 2015-01-16)
Changed failure mode after authentication error.
Added call to setcred.
Version 0.0.0 (released 2014-12-16)