AdguardTeam/AdGuardHome
1
1
Fork 0
mirror of https://github.com/AdguardTeam/AdGuardHome.git synced 2024-09-11 10:45:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Pull request: cve-id

Browse Source 
Merge in DNS/adguard-home from cve-id to master

Squashed commit of the following:

commit 5a5418db1992e49402a44a3c1cf9cffc132c8074
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Oct 18 17:28:49 2022 +0300

    all: upd cve id
This commit is contained in:
Ainar Garipov 2022-10-18 17:45:04 +03:00
parent aaaa56fce3
commit 8dba4ecd01
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGELOG.md
View File

@ -122,9 +122,9 @@ See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
### Security
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. The CVE
number is to be assigned. We thank Daniel Elkabes from Mend.io for reporting
this vulnerability to us.
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We thank
Daniel Elkabes from Mend.io for reporting this vulnerability to us. This is
[CVE-2022-32175].
#### `SameSite` Policy
@ -173,6 +173,7 @@ All JSON APIs that expect a body now check if the request actually has
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
[CVE-2022-32175]: https://www.cvedetails.com/cve/CVE-2022-32175
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1