mirrors
/
AdGuardHome
mirror of https://github.com/AdguardTeam/AdGuardHome.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Pull request: cve-id 

Merge in DNS/adguard-home from cve-id to master

Squashed commit of the following:

commit 5a5418db1992e49402a44a3c1cf9cffc132c8074
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Oct 18 17:28:49 2022 +0300

    all: upd cve id
This commit is contained in:
Ainar Garipov 2022-10-18 17:45:04 +03:00
parent aaaa56fce3
commit 8dba4ecd01
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGELOG.md
View File

@ -122,9 +122,9 @@ See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
### Security ### Security
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. The CVE A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We thank
number is to be assigned. We thank Daniel Elkabes from Mend.io for reporting Daniel Elkabes from Mend.io for reporting this vulnerability to us. This is
this vulnerability to us. [CVE-2022-32175].
#### `SameSite` Policy #### `SameSite` Policy
@ -173,6 +173,7 @@ All JSON APIs that expect a body now check if the request actually has
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927 [#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930 [#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
[CVE-2022-32175]: https://www.cvedetails.com/cve/CVE-2022-32175
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1 [ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1