diff options
Diffstat (limited to 'doc/html')
| -rw-r--r-- | doc/html/Release Notes.html | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html index 2519dbbc..9a184905 100644 --- a/doc/html/Release Notes.html +++ b/doc/html/Release Notes.html @@ -65,6 +65,8 @@ </li> <li><strong>Linux:</strong> <ul> + <li>CVE-2024-54187: Added absolute paths when executing system binaries to prevent path hijacking (collaboration with SivertPL @__tfr)</li> + <li>CVE-2025-23021: Prevent mounting volumes on system directories and PATH (reported by SivertPL @__tfr)</li> <li>Fixed an assertion issue with the wxWidgets library included in Ubuntu.</li> <li>Improved directory-opening logic by prioritizing xdg-open and adding fallback mechanisms.</li> <li>Ensure that volume exists before starting the mount operation.</li> @@ -74,6 +76,8 @@ </li> <li><strong>macOS:</strong> <ul> + <li>CVE-2024-54187: Added absolute paths when executing system binaries to prevent path hijacking (collaboration with SivertPL @__tfr)</li> + <li>CVE-2025-23021: Prevent mounting volumes on system directories and PATH (reported by SivertPL @__tfr)</li> <li>Disabled screen capture by default. Added the --allow-screencapture CLI switch to enable it if needed.</li> <li>Ensure that volume exists before starting the mount operation.</li> <li>Implement sudo session detection logic</li> |