diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2025-01-14 15:52:03 +0100 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2025-01-14 15:52:03 +0100 |
| commit | c79f8102e094f512ac5c706fa30a2741d697b003 (patch) | |
| tree | 5a06a24c3242b6a83873b2d198abb43c1d47a20d /doc/html | |
| parent | 1c38446d780af10db65c801e2814115cca1a0185 (diff) | |
| download | VeraCrypt-c79f8102e094f512ac5c706fa30a2741d697b003.tar.gz VeraCrypt-c79f8102e094f512ac5c706fa30a2741d697b003.zip | |
Update Release Notes about fixed CVEs
Diffstat (limited to 'doc/html')
| -rw-r--r-- | doc/html/Release Notes.html | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html index 2519dbbc..9a184905 100644 --- a/doc/html/Release Notes.html +++ b/doc/html/Release Notes.html @@ -65,6 +65,8 @@ </li> <li><strong>Linux:</strong> <ul> + <li>CVE-2024-54187: Added absolute paths when executing system binaries to prevent path hijacking (collaboration with SivertPL @__tfr)</li> + <li>CVE-2025-23021: Prevent mounting volumes on system directories and PATH (reported by SivertPL @__tfr)</li> <li>Fixed an assertion issue with the wxWidgets library included in Ubuntu.</li> <li>Improved directory-opening logic by prioritizing xdg-open and adding fallback mechanisms.</li> <li>Ensure that volume exists before starting the mount operation.</li> @@ -74,6 +76,8 @@ </li> <li><strong>macOS:</strong> <ul> + <li>CVE-2024-54187: Added absolute paths when executing system binaries to prevent path hijacking (collaboration with SivertPL @__tfr)</li> + <li>CVE-2025-23021: Prevent mounting volumes on system directories and PATH (reported by SivertPL @__tfr)</li> <li>Disabled screen capture by default. Added the --allow-screencapture CLI switch to enable it if needed.</li> <li>Ensure that volume exists before starting the mount operation.</li> <li>Implement sudo session detection logic</li> |