This reduces the capability of an adversary to craft a malicious bundle containing large numbers of these data, which can result in a target verifier process consuming high CPU and memory resources, resulting in an "endless data attack", a type of DoS attack.
This reduces the capability of an adversary to craft a malicious bundle containing large numbers of these data, which can result in a target verifier process consuming high CPU and memory resources, resulting in an "endless data attack", a type of DoS attack.
Fixes https://github.com/sigstore/sigstore-go/security/advisories/GHSA-cq38-jh5f-37mq
Summary
Release Note
Documentation