Skip to content

v1.9.1 - Security Fixes
Compare
Choose a tag to compare
@Yeraze Yeraze released this 14 Feb 14:21
· 85 commits to master since this release
v1.9.1-2
c8c1abd

This version is thanks to @EricSesterhennX41 , who pointed out some potential vulnerabilities in ytnef related to how we handled potentially corrupted files. While there's no exploits of this in the wild ( no my knowledge ), they still need to be fixed.

I also took the opportunity to fix an issue with path handling (now removing / and \ from attachment paths), and remove some of the exit(-1)'s from the code. Hopefully this makes ytnef a bit more friendly to consuming applications.

(v1.9.1 - I forgot to actually rev up the version number in the configure.ac script, that's fixed in this release, hence the -2 suffix)

Assets 2
Loading