1.0.4 - 2014-04-29 * File-based enrollment from Nordea now works. Thanks to Andreas Karlsson * Certificates are now sorted in the sign dialog box. * Fixed window size under recent Firefox version. * The password entry is always focused when a password is required. * Pressing enter in enrollment (password choice) dialog closes it. * Remove "expiry" system. The version to emulate must now be configured from ~/.config/fribid/config instead of the old "expiry" file. * Several bug fixes for BSD. Thanks to Hellqvio. * Cleaned up test scripts and install them under /usr/share/doc/ * Daniel Sandman found and fixed a Makefile bug in this release. * More security precautions, code cleanup, etc. 1.0.3 - 2014-01-31 * Only use IPv4 addresses in the signatures. Fixes problems with some web sites, e.g. Skatteverket. * Detection of multiarch in the configure script 1.0.2 - 2012-11-14 * Added the OnlyAcceptMRU parameter (but didn't implement it), which is required to exist on some web sites. * Fixed a compilation error when building without PKCS#11 (smartcard) support. * Increased the version number in the check for the GLib version, which was wrong. * Improved error messages at runtime and during build. 1.0.1a - 2012-04-20 * Fix compilation problem with --disable-pkcs11 1.0.1 - 2012-04-20 * Workaround for security issue in OpenSSL versions older than 1.0.1a, 1.0.0i and 0.9.8v. * Improved error messages. * Improved "configure" script, that allows compilation with GTK 3. * Made the PKCS#11 path configurable in ~/.config/fribid/config * Made the emulated version configurable in that file too. * Fix crash with certificates without the "name" property. 1.0.0 - 2011-09-25 * [security update] Many fixes of potential problems, discovered with tools like Sparse and Clang --analyze, and manual review of the code. None of the problems are known to be remotely exploitable, but all users are encouraged to upgrade. * Fixed problem with enrollment of new certificates on Chrome/Chromium. * Added the TextCharacterEncoding parameter. Needed by minameddelanden.se * Improved parsing of SubjectDN. This fixes a problem with enrollment on Handelsbanken. * The MIME type "application/x-personal-signer" is now claimed to be supported. This makes the log in work on Handelsbanken. * Fixed a problem on 64-bit platforms. Thanks to Edward Tjörnhammar. * Subjects are now sorted by their display name. * An initial size is now specified for the "text to be signed" box. This fixes a problem on Ubuntu 11.10, where it was invisible. * Improved "configure" script with more reliable 64-bit path detection. 0.3.1 - 2011-07-11 * Added support for numeric OIDs in distinguished names. This should make enrollment with Handelsbanken work, but is untested so far. * Build fixes for FreeBSD (Robert Andersson). * Support for --localedir and --mandir in the configure script. * Compatibility with GTK 3.0. * Implemented the "Reset" function in the Javascript interface. I haven't seen it used anywhere, but it's implemented in Nexus Personal. * The plugin version is now reported to the browser. * Some small improvements. 0.3.0 - 2011-04-24 * [security update] Fix display of ISO-8859-1 strings and strings with invalid UTF-8. Previously the "text to sign" box was just empty in these two cases, so the user could not see what he or she was signing. * Implemented support for obtaining file-based e-IDs. Thanks to Erik Andersson, Örjan and "krypto" for testing this! * All Javascript function arguments have been limited to 10 MiB. * Fix compilation with OpenSSL 1.0.0. * Made the plugin identify itself as "Nexus Personal" instead of "FriBID". This fixes compatibility with some sites, such as Skandiabanken. * Add a "stub" of the Webadmin object, which is needed for test.bankid.com * Made all parameter names case insensitive. * Code refactoring. 0.2.2 - 2010-12-18 * Fixed a 64-bit type error. (Henrik Nordström) * Implemented the ServerTime parameter which is used on at least www.forex.se, and possibly other sites. (Samuel Lidén Borell) * Fix incorrectly detected library path on 64-bit systems. (Samuel Lidén Borell) * Code refactoring/cleanup. (Samuel Lidén Borell) 0.2.1a - 2010-10-11 * Fixed a problem with one of the Makefiles. 0.2.1 - 2010-10-10 * Added a manual page. * Corrected the version number of GTK in the INSTALL document. * Moved the source files for building Debian packages to a separate repostitory at http://github.com/samuellb/fribid-debian 0.2.0 - 2010-09-17 * Support for card readers. See http://wiki.fribid.se/sidor/SmartCards Thanks to Marcus Carlson and Henrik Nordström. * Updated the version string to the latest one of the official Linux client (4.15.0.14). * Replaced the dependency on the NSS crypto library with OpenSSL. * Added a simple web page for testing certificate requesting. * The Debian package no longer suggests that Java should be installed, Java hasn't been used by BankID sites for a long time now. * Add Chromium to the list of recommended browsers in the Debian package. * Code cleanup. 0.1.4 - 2010-05-16 * Fixed a problem that occurred on Försäkringskassan's web site. Thanks to mannuz who discovered this problem. 0.1.3 - 2010-04-16 * Fixed a crash that occurred with certain certificate/identity files. Thanks to Marcus Carlson who tracked down this bug. * Made FriBID look for certificates/identity files in ~/.cbt as well as ~/cbt. Thanks to Marcus Carlson for this patch. * Made it possible to specify a path for the library files. Normally these are stored in /usr/lib/, but some distributions store them in /usr/lib64/ on 64-bit platforms (for example Slackware). * Added an ASN1 dumping tool, which can be used to analyze certificate/ identity files. * Small improvements in performance and documentation fixes. 0.1.2 - 2010-03-24 * Fixed a bug with optimized builds that caused passwords to not be cleared from RAM when they where no longer needed. * Fixed a compatibility problem with sites that request signing without specifying a subject (personal number). * Implemented "non-visible data", which is used in signatures at some sites, such as Skatteverket. * A better random source is now used for the encryption keys for the temporary NSS database. 0.1.1 - 2010-02-20 * Fixed a bug that sometimes caused PIDs of exited child processes ("zombies") to be left around. * Added a "fuzzer" script that can be used to check for bugs. * Compatibility with Google Chrome / Chromium. * Prevent the password from getting swapped out. Thanks to Linus Walleij for this patch! * Fixed some build problems completely on FreeBSD, and partially on OpenBSD. Thanks to Markus Bergkvist! * Fixed a browser crash on some 64-bit platforms. Thanks to Håkan Kvist for this patch! 0.1.0 - 2010-02-03 * All occurrences of the password in RAM are now cleared when they are no longer needed. * Fixed an error that occurred on sites that were sending null bytes in the challenge parameter. * Better error handling. * Renamed the plugin filename to libfribidplugin.so to prevent installation conflicts with Nexus Personal. * Fixed two compile errors on 64-bit platforms. * Fixed a couple of non-critical errors in the makefiles. * Added build files for the Debian package format, and makefile rules for .deb and .tar package creation. * Better error handling. * Made it impossible for a single web page to open multiple log in windows. * Made person filtering work when authenticating. This is used on web sites that let you enter your personal number as a separate step in the log in process. 0.0.9a - 2009-11-13 * Added license headers to a few files that lacked this information. 0.0.9 - 2009-11-11 * Initial version.