[Security] Address critical flaw in console rendering that allowed arbitrary command execution

Dane Everitt 2017-06-26 22:36:09 -05:00
parent ddb98df4af
commit 829453f805
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
11 changed files with 515 additions and 548 deletions

@ -3,6 +3,13 @@ This file is a running track of new features and fixes to each version of the pa
This project follows [Semantic Versioning](http://semver.org) guidelines.
## v0.6.3 (Courageous Carniadactylus)
### Fixed
* **[Security]** — Addresses an oversight in how the terminal rendered information sent from the server feed which allowed a malicious user to execute arbitrary commands on the game-server process itself by using a specifically crafted in-game command.
### Changed
* Removed `jquery.terminal` and replaced it with an in-house developed terminal with less potential for security issues.
## v0.6.2 (Courageous Carniadactylus)
### Fixed
* Fixes a few typos throughout the panel, there are more don't worry.
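
Review bot: The **[Security]** entry under v0.6.3 "Fixed" does not say which earlier releases are affected or what an operator has to do, so a reader cannot tell whether v0.6.2 and below all need the upgrade. Suggest adding the affected version range and an explicit "upgrade to v0.6.3" instruction to that bullet. The "Changed" bullet describes the replacement terminal only as having "less potential for security issues"; naming the property that closes the flaw (how data from the server feed is handled before it is rendered) would give reviewers something concrete to check the rest of the change against.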