Skip to content

v1.5.2 - CVE-2022-23649

Compare
Choose a tag to compare
@sigstore-bot sigstore-bot released this 18 Feb 22:32
· 1693 commits to main since this release
8ffcd12

This release contains fixes for CVE-2022-23649, affecting signature validations with Rekor. Only validation is affected, it is not necessary to re-sign any artifacts.
See: GHSA-ccxc-vr6p-4858

Changelog

Thanks for all contributors!