Skip to content

v3.5.1 - manifest integrity traversal-guard fix (security)

Choose a tag to compare

View all tags
@HetCreep HetCreep released this 13 Jun 08:49
· 31 commits to main since this release
v3.5.1
This tag was signed with the committer’s verified signature.
HetCreep
SSH Key Fingerprint: 0osv9sipbbl2qmrI00rRA3kcEKs4ZuS+FBihPD/c8DU
Verified
Learn about vigilant mode.
9b0f480
This commit was signed with the committer’s verified signature.
HetCreep
SSH Key Fingerprint: 0osv9sipbbl2qmrI00rRA3kcEKs4ZuS+FBihPD/c8DU
Verified
Learn about vigilant mode.

rot-canary auto-scan on the v3.5.0 SFC-lite code caught a real path-traversal-guard bypass: a Windows-backslash manifest key slipped past the /-split guard, letting verify.mjs hash a file outside the install dir (read-only oracle). Fixed with a resolve-and-contain check covering both separators, absolute, and drive-relative keys; escape test extended. Same class as the v2.6.1 safeSkillNames fix. Full details in CHANGELOG.md.

Assets 2
Loading