@cryptobot cryptobot released this Aug 14, 2016 · 459 commits to develop since this release

Assets 16

Security Fixes

This release fixes two (related) vulnerabilities allowing malicious Flash files being injected into vaults, that can be executed to "bypass" the SOP and access files from a Flash-enabled browser.

Kudos to @LukasReschke for reporting them!


This also fixes various bugs with Dropbox, Google Drive, Windows drive letters, the Windows Registry and WebDAV access on Linux. A complete list of closed issues is available here.