Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Builds for Red Hat OpenShift 1.5.1 | RedHat | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator:sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c | * |
| Builds for Red Hat OpenShift 1.5.1 | RedHat | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator:sha256:06d1a4352ca5002f85d284eb987548838d6acdcc7acdc98d604495b3cae1a12c | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/certificate-transparency-rhel9:sha256:eb38e98dbb9828fe033a5388609132f7246fe77d2f4d258d015a94ea30752b24 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/fulcio-rhel9:sha256:6270ba29adf779de5d3916d5e82f1cd9491ba89d4ae2042347b6ad6d1819dd26 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/cosign-rhel9:sha256:2c3be51e9d813495c554bdddf696011375c9ded93473094090f83d8694597824 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/gitsign-rhel9:sha256:cb4f5354efa17c1ca6c974ae2aea629e8dc635a55ced1f702cb9e2e365789002 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/rekor-backfill-redis-rhel9:sha256:09b4aeeb607c88c72f69e6f87cb840c82ef5752c64a58fa13551db749fac2530 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/rekor-cli-rhel9:sha256:7a47b37bfeebe2e95b90333869fda68d87587ff65aac7ce1c777ae75e882450a | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/rekor-server-rhel9:sha256:02fbd4772c185edf38fcee4e5c5e1c9dad82b77c9da824addaebc445b67d35ac | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/timestamp-authority-rhel9:sha256:531603563c69aac6905cd6b8157d30781040527404ac2313acba5a9310e0b713 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/trillian-database-rhel9:sha256:640633823a54c11fe2a8b3d05e571399fda415b6f0b3adf1ba9806882a94bdd4 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/trillian-logserver-rhel9:sha256:12b438ea70f83ee6edb12c96b507f92510f4afba824eac34c8f50793c4199db6 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/trillian-logsigner-rhel9:sha256:1d782a127d2f8bdab633f287cb2df2e400ae91bf5d4b913473539d8512dfaab6 | * |
| Red Hat Trusted Artifact Signer 1.2 | RedHat | registry.redhat.io/rhtas/rhtas-rhel9-operator:sha256:01b63201e2f0547a1a2ad4a4bfa1e3560e05a813998fb0f3e415c5adcf68b78c | * |
| Golang-1.23 | Ubuntu | oracular | * |