Hi, as you may have noticed, there were a number of fprintd and libfprint releases in a row. The mess should be over with now, but let me explain a bit what and why it happened.
The main regressions triggering new releases were:
* libfprint auto-suspending a USB hub
-> This was caused by a user reporting an incorrect USB ID for an
unsupported device.
* fprintd shipped an incorrect DBus configuration
-> This one was an incorrect fix, ugly mistake.
* fprintd had a few issues with the new authorization handling
-> A major rewrite was required to fix the security issues. It is
not totally unexpected that some issues would sneak in.
* pam_fprintd had a crash bug
-> This was an ugly mistake in a cleanup patch. And neither
automated nor manual testing did catch the corner cases where
the system has no fingerprint readers.
The automated tests have been extended.
* pam_fprintd did not work if fprintd was just activated by DBus
-> This was a regression introduced by an important fix for a race
condition that could trigger an authentication bypass.
On the positive side, the code and test quality has been improved
considerably. And, we have fixed a lot of problems (not just the listed
ones) a number of them with security implications.
I hope this did not cause too many issues for people,
Benjamin
signature.asc
Description: This is a digitally signed message part
_______________________________________________ fprint mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/fprint
