v2.1.0
ZLint v2.1.0
The ZMap team is happy to announce the v2.1.0 release. This minor release primarily includes bug fixes and new lints.
New Lints
- New CABF Baseline Requirements Lint
e_ext_nc_intersects_reserved_ip
- New Mozilla PKI Policy Lints
e_mp_rsassa-pss_in_spkie_mp_rsassa-pss_parameters_encoding_in_signature_algorithm_correcte_mp_ecdsa_pub_key_encoding_correcte_mp_ecdsa_signature_encoding_correct
- New Apple PKI Policy Lints
e_tls_server_cert_valid_time_longer_than_398_days
Bug Fixes
- The
2001:5::/32network was removed from reserved networks list since it is no longer IANA reserved.
Misc
- Updated TLD data (Current to 2020-04-02).
- README updates.
- CI test for ensuring OpenSSL text prepend of test cert data.
Full Changelog
1e160b1 ci: update goreleaser install URL. (#429)
3bf4bbf lints: enforce Mozilla PKI policy for ECDSA pubkey/sig alg curves/encoding. (#378)
206df7d gTLD autopull: 2020-04-02T17:35:25Z (#425)
d933f03 autopull: 2020-03-28T17:34:11Z (#423)
4ca0695 Fix spelling of 'distinguished' in lint descriptions (#422)
94d7dde util: rewrite test/prepend_testcerts_openssl.sh, update testdata (#421)
83d24bd lints: lint for upcoming Apple max cert lifetime policy. (#417)
cfbfdec gTLD autopull: 2020-03-14T17:26:52Z (#420)
c7c6a31 lints: enforce Mozilla PKI policy RSASSA-PSS encoding requirements (#377)
b28794b docs: fix template to use v2 package import. (#416)
1968515 lints: disallow reserved iPAddresses in NCs (#414)
48bf6ee remove lisp reserved range since no longer IANA reserved (#415)
3329bb6 README: fix a typo and fix the example for LintCertificateEx (#409)
5b2df5c lints: enforce Mozilla PKI policy omission of id-RSASSA-PSS oid (#376)