Pull request: upd-chlog
Merge in DNS/adguard-home from upd-chlog to master Squashed commit of the following: commit b53de96bc5d1bc0ff81ceb6c716614fd094913e7 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Sep 29 19:46:36 2022 +0300 all: upd chlog
This commit is contained in:
parent
756b14a61d
commit
7b48863041
48
CHANGELOG.md
48
CHANGELOG.md
|
@ -12,11 +12,31 @@ and this project adheres to
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
## [v0.108.0] - 2022-12-01 (APPROX.)
|
## [v0.108.0] - TBA (APPROX.)
|
||||||
-->
|
-->
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<!--
|
||||||
|
## [v0.107.15] - 2022-10-26 (APPROX.)
|
||||||
|
|
||||||
|
See also the [v0.107.15 GitHub milestone][ms-v0.107.15].
|
||||||
|
|
||||||
|
[ms-v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/milestone/51?closed=1
|
||||||
|
-->
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## [v0.107.14] - 2022-09-29
|
||||||
|
|
||||||
|
See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. The CVE
|
||||||
|
number is to be assigned. We thank Daniel Elkabes from Mend.io for reporting
|
||||||
|
this vulnerability to us.
|
||||||
|
|
||||||
#### `SameSite` Policy
|
#### `SameSite` Policy
|
||||||
|
|
||||||
The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`.
|
The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`.
|
||||||
|
@ -28,10 +48,9 @@ after updating.**
|
||||||
|
|
||||||
#### Removal Of Plain-Text APIs (BREAKING API CHANGE)
|
#### Removal Of Plain-Text APIs (BREAKING API CHANGE)
|
||||||
|
|
||||||
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We have
|
We have implemented several measures to prevent such vulnerabilities in the
|
||||||
implemented several measures to prevent such vulnerabilities in the future, but
|
future, but some of these measures break backwards compatibility for the sake of
|
||||||
some of these measures break backwards compatibility for the sake of better
|
better protection.
|
||||||
protection.
|
|
||||||
|
|
||||||
The following APIs, which previously accepted or returned `text/plain` data,
|
The following APIs, which previously accepted or returned `text/plain` data,
|
||||||
now accept or return data as JSON. All new formats for the request and response
|
now accept or return data as JSON. All new formats for the request and response
|
||||||
|
@ -42,9 +61,6 @@ bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
|
||||||
- `POST /control/filtering/set_rules`;
|
- `POST /control/filtering/set_rules`;
|
||||||
- `POST /control/i18n/change_language`.
|
- `POST /control/i18n/change_language`.
|
||||||
|
|
||||||
The CVE number is to be assigned. We thank Daniel Elkabes from Mend.io for
|
|
||||||
reporting this vulnerability to us.
|
|
||||||
|
|
||||||
#### Stricter Content-Type Checks (BREAKING API CHANGE)
|
#### Stricter Content-Type Checks (BREAKING API CHANGE)
|
||||||
|
|
||||||
All JSON APIs now check if the request actually has the `application/json`
|
All JSON APIs now check if the request actually has the `application/json`
|
||||||
|
@ -68,16 +84,7 @@ content-type.
|
||||||
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
|
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
|
||||||
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
|
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!--
|
|
||||||
## [v0.107.14] - 2022-10-05 (APPROX.)
|
|
||||||
|
|
||||||
See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
|
|
||||||
|
|
||||||
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
|
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
|
||||||
-->
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -1276,11 +1283,12 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
|
||||||
|
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...HEAD
|
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...HEAD
|
||||||
[v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
|
[v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...v0.107.15
|
||||||
-->
|
-->
|
||||||
|
|
||||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...HEAD
|
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...HEAD
|
||||||
|
[v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
|
||||||
[v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13
|
[v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13
|
||||||
[v0.107.12]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.11...v0.107.12
|
[v0.107.12]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.11...v0.107.12
|
||||||
[v0.107.11]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.10...v0.107.11
|
[v0.107.11]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.10...v0.107.11
|
||||||
|
|
Loading…
Reference in New Issue