mirror of https://github.com/omar-polo/gmid.git
changelog for 2.0.5
This commit is contained in:
parent
a4f18acde3
commit
a33eaaa925
21
ChangeLog
21
ChangeLog
|
@ -1,5 +1,26 @@
|
|||
2024-06-11 Omar Polo <op@omarpolo.com>
|
||||
|
||||
* configure (VERSION): release 2.0.5
|
||||
|
||||
2024-06-10 Omar Polo <op@omarpolo.com>
|
||||
|
||||
* don't error on a '..' component at the start of the path
|
||||
* reject NUL bytes embedded in the request
|
||||
|
||||
2024-06-09 Omar Polo <op@omarpolo.com>
|
||||
|
||||
* check for truncation various strlcpy calls.
|
||||
* clean up of a few unused prototypes and externs.
|
||||
|
||||
2024-06-08 Omar Polo <op@omarpolo.com>
|
||||
|
||||
* configure: change how strnvis(3) is handled: on systems
|
||||
with the broken interface gmid will just use its built-in
|
||||
version.
|
||||
|
||||
2024-06-06 Omar Polo <op@omarpolo.com>
|
||||
|
||||
* parse.y: allow again empty lines at the start of the config
|
||||
* configure (VERSION): release 2.0.4
|
||||
* portability fix for system with a wrong strnvis(3)
|
||||
|
||||
|
|
|
@ -1,5 +1,14 @@
|
|||
# change log
|
||||
|
||||
## 2024/06/11 - 2.0.5 “Lady Stardust” security release
|
||||
|
||||
This release fixes a logic error that can result in a DoS; therefore is a strongly reccomended update for all users. It's safe to update to it from any version of the 2.0.x series.
|
||||
|
||||
* allow again empty lines at the start of the configuration file
|
||||
* change how strnvis(3) is handled: on systems with the broken interface gmid will just use its own built-in version
|
||||
* reject requests with NUL bytes in them.
|
||||
* don't error on a '..' component at the start of the path.
|
||||
|
||||
## 2024/06/06 - 2.0.4 “Lady Stardust” bugfix release
|
||||
|
||||
* add a nicer error message if the removed `cgi' option is still used. Reported by freezr.
|
||||
|
|
Loading…
Reference in New Issue