|Tags||boot security cryptography systems administration|
1.8.409 Apr 2019 20:36 minor bugfix: Fix of minor memory leak, and fix in Debian packaging to not conflict with the "dropbear-initramfs" package.
1.8.311 Feb 2019 06:46 minor feature: Minor fix to packaging dependencies, and elimination of some compiler warnings.
1.8.210 Feb 2019 10:58 minor bugfix: Minor bug fix to packaging, and in client's mandos-keygen, ignore failures to remove files in some cases.
1.8.110 Feb 2019 09:37 major bugfix: TLS key generation only worked when using GnuTLS 3.6.6; fix this by only generating keys if this is the case.
1.8.010 Feb 2019 05:44 major feature: Now supports systems having GnuTLS 3.6.6 or later by using TLS "raw public keys" (RFC 7250).
1.7.1922 Feb 2018 20:33 minor bugfix: Client bug fix: Avoid LeakSanitizer message and error by not using LeakSanitizer for the binary using libraries which leak memory.
1.7.1812 Feb 2018 18:06 minor bugfix: Client bug fix: Revert faulty fix for a nonexistent bug in the plugin-runner.
1.7.1710 Feb 2018 22:06 minor bugfix: Client bug fix: Fix memory leaks in password-prompt and the plymouth plugin.
1.7.1620 Aug 2017 20:11 minor bugfix: Client bug fix: Fix memory leak in password-prompt to eliminate ugly warnings when plymouth is installed. Client bug fix: Ignore "resumedev" entries in initramfs' cryptroot file.
1.7.1523 Feb 2017 21:13 minor bugfix: Server Bug fix: Respect the mandos.conf "zeroconf" and "restore" options. Client bug fix in "mandos-keygen": Handle backslashes in passphrases.
1.7.1425 Jan 2017 20:24 minor bugfix: Server Minor Bug fix: Don't use deprecated directive name in systemd service file.
1.7.1308 Oct 2016 06:27 minor bugfix: Client Minor Bug fix: Don't ask for passphrase or fail when generating keys using GnuPG 2.1 in a chrooted environment.
1.7.1205 Oct 2016 20:57 major bugfix: Client Bug fix: Don't crash after exit() when using DH parameters file
1.7.1101 Oct 2016 15:25 minor bugfix: Client Security fix: Don't compile with AddressSanitizer. Server Bug fix: Find GnuTLS library when gnutls28-dev is not installed. Server Bug Fix: Include "Expires" and "Last Checker Status" in mandos-ctl verbose output. Server New Feature: New option for mandos-ctl: --dump-json
1.7.1023 Jun 2016 21:10 minor bugfix: Client security fix: restrict permissions of /etc/mandos/plugin-helpers directory (by default empty). Server bug fix: Make the --interface flag work with Python 2.7 when "cc" is not installed
1.7.922 Jun 2016 09:07 minor bugfix: Client bug fix: Do not include intro(8mandos) man page which conflicts with the same one from the server package.
1.7.821 Jun 2016 20:47 minor bugfix: Client bug fix: Work with GnuPG 2 when booting (Debian bug #819982) by copying /usr/bin/gpg-agent into initramfs. Server bug fix: Make the --interface option work when using Python 2.7 by trying harder to find SO_BINDTODEVICE.
1.7.719 Mar 2016 22:26 minor bugfix: Bug fix: Fix bug in Plymouth password prompting plugin, bug present since 1.2, but only recently broken since the introduction of the -fsanitize=address compilation flag in version 1.7.2.
1.7.613 Mar 2016 22:45 minor bugfix: Bug fix: Fix bug where stopping server would time out. Also make server program compatible with Python 3.
1.7.508 Mar 2016 00:55 minor bugfix: Bug fix: Fix security restrictions in systemd service file. Work around bug where stopping server would time out.
1.7.405 Mar 2016 22:42 minor bugfix: Bug fix: Fix compilation on mips, mipsel and s390x. On boot, tolerate errors from the external "configure_networking" shell function. Add extra security restrictions in systemd service file.
1.7.329 Feb 2016 22:50 minor bugfix: Bug fix: Remove new type of keyring directory used by GnuPG 2.1. Bug fix: Remove "nonnull" attribute from a function argument, which would otherwise generate a spurious runtime warning.
1.7.228 Feb 2016 16:17 minor bugfix: Bug fix: Don't try to send D-Bus signal ClientRemoved if not using D-Bus. Also stop using Python-GnuTLS library and instead call the GnuTLS library directly.
1.7.124 Oct 2015 18:33 minor bugfix: Bug fix: Can now really find Mandos server even if the server has an IPv6 address on a network other than the one which the Mandos server is on.
1.7.010 Aug 2015 21:22 minor feature: Server bugs fixed: Handle local Zeroconf service name collisions better, the "ERROR: Child process vanished" bug, start server correctly in systemd, be compatible with old 2048-bit DSA keys. Server features: The D-Bus API now provides the standard D-Bus ObjectManager interface (deprecating older functionality). Client bug fixed: mandos-keygen now generates correct output for the "Checker" variable even if the SSH server on the Mandos client has multiple SSH key types. Client features: Can now find Mandos server even if the server has an IPv6 address on a network without IPv6 Router Advertisment, now uses a better value than 1024 for the default number of DH bits, can now use pre-generated Diffie-Hellman parameters from a file.
1.6.926 Oct 2014 15:23 minor feature: Server: Changed to emit standard D-Bus signal when D-Bus properties change. (The old signal is still emitted too, but marked as deprecated.)
Submitted byTeddy Hogeborn
ManageYou can also help out here by:
← Update project
or flagging this entry for moderator attention.