Closed mickael9 closed 6 years ago
Don't merge this yet, I think it will prevent downloads because I didn't add the safe
argument to FS_SV_Rename
Thank you. This one will need lots of testing that I don't have the time to do right now, so I'll leave the PR open for now. :)
Don't merge this yet, I think it will prevent downloads because I didn't add the safe argument to FS_SV_Rename
I just tried it out on linux, downloads seem to work fine. Although i know the linux build uses curl, is that different on other platforms?
@ThomasBrierley That was fixed in afde689 and no, all platforms use curl for auto downloads
Oh yeah, great, what else needs testing then? Currently using this patch and haven't come across anything, not that I know what to look for.
Any progress here?
This fixes the issues mentioned in CVE-2017-6903 and adds more general security improvements as well.
Fixes #71