mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-11-21 20:45:33 +03:00
Pull request: upd-chlog
Merge in DNS/adguard-home from upd-chlog to master Squashed commit of the following: commit b53de96bc5d1bc0ff81ceb6c716614fd094913e7 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Sep 29 19:46:36 2022 +0300 all: upd chlog
This commit is contained in:
parent
756b14a61d
commit
7b48863041
1 changed files with 28 additions and 20 deletions
48
CHANGELOG.md
48
CHANGELOG.md
|
@ -12,11 +12,31 @@ and this project adheres to
|
|||
## [Unreleased]
|
||||
|
||||
<!--
|
||||
## [v0.108.0] - 2022-12-01 (APPROX.)
|
||||
## [v0.108.0] - TBA (APPROX.)
|
||||
-->
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
## [v0.107.15] - 2022-10-26 (APPROX.)
|
||||
|
||||
See also the [v0.107.15 GitHub milestone][ms-v0.107.15].
|
||||
|
||||
[ms-v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/milestone/51?closed=1
|
||||
-->
|
||||
|
||||
|
||||
|
||||
## [v0.107.14] - 2022-09-29
|
||||
|
||||
See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
|
||||
|
||||
### Security
|
||||
|
||||
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. The CVE
|
||||
number is to be assigned. We thank Daniel Elkabes from Mend.io for reporting
|
||||
this vulnerability to us.
|
||||
|
||||
#### `SameSite` Policy
|
||||
|
||||
The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`.
|
||||
|
@ -28,10 +48,9 @@ after updating.**
|
|||
|
||||
#### Removal Of Plain-Text APIs (BREAKING API CHANGE)
|
||||
|
||||
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We have
|
||||
implemented several measures to prevent such vulnerabilities in the future, but
|
||||
some of these measures break backwards compatibility for the sake of better
|
||||
protection.
|
||||
We have implemented several measures to prevent such vulnerabilities in the
|
||||
future, but some of these measures break backwards compatibility for the sake of
|
||||
better protection.
|
||||
|
||||
The following APIs, which previously accepted or returned `text/plain` data,
|
||||
now accept or return data as JSON. All new formats for the request and response
|
||||
|
@ -42,9 +61,6 @@ bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
|
|||
- `POST /control/filtering/set_rules`;
|
||||
- `POST /control/i18n/change_language`.
|
||||
|
||||
The CVE number is to be assigned. We thank Daniel Elkabes from Mend.io for
|
||||
reporting this vulnerability to us.
|
||||
|
||||
#### Stricter Content-Type Checks (BREAKING API CHANGE)
|
||||
|
||||
All JSON APIs now check if the request actually has the `application/json`
|
||||
|
@ -68,16 +84,7 @@ content-type.
|
|||
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
|
||||
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
|
||||
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
## [v0.107.14] - 2022-10-05 (APPROX.)
|
||||
|
||||
See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
|
||||
|
||||
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
|
||||
-->
|
||||
|
||||
|
||||
|
||||
|
@ -1276,11 +1283,12 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
|
|||
|
||||
|
||||
<!--
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...HEAD
|
||||
[v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...HEAD
|
||||
[v0.107.15]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...v0.107.15
|
||||
-->
|
||||
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...HEAD
|
||||
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...HEAD
|
||||
[v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
|
||||
[v0.107.13]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13
|
||||
[v0.107.12]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.11...v0.107.12
|
||||
[v0.107.11]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.10...v0.107.11
|
||||
|
|
Loading…
Reference in a new issue