diff options
| -rw-r--r-- | Changelog | 14 | ||||
| -rwxr-xr-x | client | 2 | ||||
| -rwxr-xr-x | lacme | 2 | ||||
| -rwxr-xr-x | lacme-accountd | 2 | 
4 files changed, 17 insertions, 3 deletions
| @@ -1,3 +1,17 @@ +lacme (0.8.3) upstream; + +  + Fix post-issuance validation logic.  We avoid pining the +    intermediate certificates in the bundle and instead validate the +    leaf certificate with intermediates supplied during issuance as +    untrusted (used for chain building only).  Only the root +    certificates are used as trust anchor.  Not pining intermediate +    certificates is in line with Let's Encrypt's latest recommendations. +  + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with +    OpenSSL 3.2 or later. +  + Fix test suite. + + -- Guilhem Moulin <guilhem@fripost.org>  Thu, 13 Jun 2024 17:39:34 +0200 +  lacme (0.8.2) upstream;    + client: Handle "ready" → "processing" → "valid" status change during @@ -43,7 +43,7 @@ use warnings;  # instance own by another user and created with umask 0177) is not a  # problem since SOCKET_FD can be bound as root prior to the execve(2). -our $VERSION = '0.8.2'; +our $VERSION = '0.8.3';  my $PROTOCOL_VERSION = 1;  my $NAME = 'lacme-client'; @@ -22,7 +22,7 @@ use v5.14.2;  use strict;  use warnings; -our $VERSION = '0.8.2'; +our $VERSION = '0.8.3';  my $NAME = 'lacme';  use Errno 'EINTR'; diff --git a/lacme-accountd b/lacme-accountd index 8d2c599..5bc8b5f 100755 --- a/lacme-accountd +++ b/lacme-accountd @@ -23,7 +23,7 @@ use v5.14.2;  use strict;  use warnings; -our $VERSION = '0.8.2'; +our $VERSION = '0.8.3';  my $PROTOCOL_VERSION = 1;  my $NAME = 'lacme-accountd'; | 
