Skip to content

Taquito v17.1.1
Compare
Choose a tag to compare
@dsawali dsawali released this 26 Jul 20:42
17.1.1
8f685d3
This commit was signed with the committer’s verified signature.
ac10n
GPG key ID: 0E2D4E2D60A93958
Learn about vigilant mode.

Summary

This is a patch release to fix a potential issue with verifySignature() and hex2buf() util method.

Bug Fixes

  • Fixed a potentially exploitable behaviour where verifySignature() was allowing an appended character to a message payload and still verify the signature correctly. It has now been fixed to validate against odd length characters #2578
Assets 3
Loading