Skip to content

v1.6.2
Compare
Choose a tag to compare
@woju woju released this 12 Mar 11:09
· 175 commits to master since this release
v1.6.2
This tag was signed with the committer’s verified signature.
woju Wojtek Porczyk
GPG key ID: 044D9664E7A77E16
Learn about vigilant mode.
a971e30
This commit was signed with the committer’s verified signature.
woju Wojtek Porczyk
GPG key ID: 044D9664E7A77E16
Learn about vigilant mode.

This is a minor update to the release v1.6:

  • Security fixes (relevant for SGX):
    • Trusted files feature had the following security vulnerability: after fork, the metadata of currently-opened-in-parent-process trusted file (SHA256 hashes for each chunk of the file) was not available in the child SGX enclave. This effectively degenerated all currently-opened trusted files into allowed files, and thus the child enclave lost integrity guarantees in these trusted files. See #1796 for details.
  • Breaking changes:
    • Due to update of Sphinx, manpages cannot be built on *EL8 and are missing from .el8 RPM packages.

The installation instructions are the same as for the release v1.6.

Assets 7
Loading