Path to this page:
Subject: CVS commit: pkgsrc/security/age
From: Nikita
Date: 2023-01-16 17:07:49
Message id: 20230116160749.4AD03FA90@cvs.NetBSD.org
Log Message:
age: update to version 1.1.1
ChangeLog:
age v1.1.1
age v1.1.1 is a patch release to fix go install filippo.io/age/...@latest.
age v1.1.0
Breaking changes
If -i is used, passphrase-encrypted files are now rejected. Previously,
a passphrase-encrypted file was auto-detected and the identity file was
ignored. This could lead to unexpected behavior, such as a script blocking
for user interaction, based on potentially untrusted input files. Now,
age -d must be invoked without -i arguments to decrypt passphrase-encrypted
files. A helpful error is printed otherwise. This should not break any
automated system as passphrase decryption was always interactive.
Empty final chunks are now rejected. If a payload was a multiple of 64KiB
long, there were two valid encryptions for it: with a "full" last chunk
encrypting 64KiB, or with an additional "empty" chunk encrypting 0 \
bytes.
age, rage, and all other known implementations only ever produced the
former. (Note that age will forever decrypt files it generated.) The latter
is now rejected. The specification has been updated (C2SP/C2SP#13) and test
cases are included in the test suite.
Minor changes
PKCS#8-encoded Ed25519 private keys (such as 1Password exports) are now
supported as SSH identities.
If an armored file is pasted into the terminal, age will now attempt to
wait until the end of the file before prompting for a password.
Some invalid files are now correctly rejected, in particular encrypted files
with trailing data. (Yay for the test suite!)
If /dev/tty is present but can't be opened, age will now fallback to trying
to treat stdin as a terminal as if /dev/tty wasn't present.
(Thanks @brandsimon!)
Input prompts now go to the terminal, even if standard error is redirected.
Values of the new armor.Error type are now returned wrapped in decryption
errors when appropriate.
Windows binary releases are now signed. (Thanks @technion!)
Documentation and error messages were improved.
Files: