Update changelog
This commit is contained in:
parent
6b94f5ef51
commit
cb524b60b4
|
@ -160,18 +160,22 @@ RM: 3.379
|
||||||
|
|
||||||
Changelog
|
Changelog
|
||||||
---------
|
---------
|
||||||
v1.7-beta1, 2019-01-03
|
|
||||||
|
v1.7, in progress (v1.7-beta1 released 2019-01-03)
|
||||||
* **Fix possible symlink race attacks in forward mode** when using allow_other + plaintextnames
|
* **Fix possible symlink race attacks in forward mode** when using allow_other + plaintextnames
|
||||||
* If you use *both* `-allow_other` *and* `-plaintextnames`, you should upgrade.
|
* If you use *both* `-allow_other` *and* `-plaintextnames`, you should upgrade.
|
||||||
Malicious users could trick gocryptfs into modifying files outside of `CIPHERDIR`,
|
Malicious users could trick gocryptfs into modifying files outside of `CIPHERDIR`,
|
||||||
or reading files inside `CIPHERDIR` that they should not have access to.
|
or reading files inside `CIPHERDIR` that they should not have access to.
|
||||||
* If you do not use `-plaintextnames` (disabled per default), these attacks do
|
* If you do not use `-plaintextnames` (disabled per default), these attacks do
|
||||||
not work as symlinks are encrypted.
|
not work as symlinks are encrypted.
|
||||||
* Forward mode has been reworked to use the "*at" family of system calls everywhere
|
* Forward mode has been reworked to use the "\*at" family of system calls everywhere
|
||||||
(`Openat/Unlinkat/Symlinkat/...`).
|
(`Openat/Unlinkat/Symlinkat/...`).
|
||||||
* As a result, gocryptfs may run slightly slower, as the caching logic has been
|
* As a result, gocryptfs may run slightly slower, as the caching logic has been
|
||||||
replaced and is very simple at the moment.
|
replaced and is very simple at the moment.
|
||||||
* The possibility for such attacks was found during an internal code review.
|
* The possibility for such attacks was found during an internal code review.
|
||||||
|
* Reverse mode: fix excluded, unaccessible files showing up in directory listings
|
||||||
|
([#285](https://github.com/rfjakob/gocryptfs/issues/285),
|
||||||
|
[#286](https://github.com/rfjakob/gocryptfs/issues/286))
|
||||||
|
|
||||||
v1.6.1, 2018-12-12
|
v1.6.1, 2018-12-12
|
||||||
* Fix "Operation not supported" chmod errors on Go 1.11
|
* Fix "Operation not supported" chmod errors on Go 1.11
|
||||||
|
|
Loading…
Reference in New Issue