Skip to content

Version 2.8.2

Choose a tag to compare

View all tags
@emlun emlun released this 12 May 14:00
· 57 commits to main since this release
2.8.2
This tag was signed with the committer’s verified signature.
emlun Emil Lundberg
GPG key ID: C81FDCBBE03F92DF
Verified
Learn about vigilant mode.
6f92b2a
This commit was signed with the committer’s verified signature.
emlun Emil Lundberg
GPG key ID: C81FDCBBE03F92DF
Verified
Learn about vigilant mode.

Security fixes:

  • Fixed issue where RelyingParty.finishAssertion and RelyingPartyV2.finishAssertion could return a successful authentication result even though the authenticated credential is owned by a different user than StartAssertionOptions.username. For details see YSA-2026-02: https://www.yubico.com/support/security-advisories/ysa-2026-02/

Artifacts built with openjdk version "17.0.18" 2026-01-20.

Assets 4
Loading