New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: DB helper should properly filter entries #3359
Conversation
Previously it was assumed the sed operation was applying the sed expressions as a sequence, but it did not seem to filter entries being looked up correctly, thus matching values from entry keys that weren't correct... Resolved by piping the first sed expression into the next.
Probably a case where an improved CI for patch releases would be handy 😅 I guess this will have to wait until v13? |
I think there are no maintainer capacity limits left 😂
Yes. But there really isn't too much that's blocking v13.0.0. I'm waiting on review from @casperklein for my PR, and the Getmail PR is waiting too. And then there is only the IPv6 PR. I don't mind changing defaults with v14.0.0 to rspamd. It seems a lot of users are already using Rspamd, so no rush with the defaults. |
I think this is fine to merge now. Casper already gave a 👍 to the solution shared on the reported issue earlier, any changes can be done via follow-up PR if necessary :)
💯
👍
Yep still working on that digging through upstream moby issues atm 😅 (doesn't have to block the release though) I recently learned that due to Docker setting Originally I was looking into a similar vulnerability for I've confirmed at least with I'd give an ETA, but I'm terrible with that these days 😬 |
Maybe I've overlooked something, but afaik there were no breaking changes since |
Technically, true. I actually considered #3235 not a breaking change, but we waited with the change as @polarathene considered it to be breaking. The other major change is in #3335, which technically is not breaking either. We do need to make sure to communicate these two big changes thoroughly though, in case we go for v12.2.0. |
Or just publish as v13, doesn't have to be a big release to warrant it 😅 |
I'd go for v13 as well. I reall don't mind having higher numbers - I'm not Linus Torvalds.. |
Description
Previously it was assumed the sed operation was applying the sed expressions as a sequence, but it did not seem to filter entries being looked up correctly. Instead any line that matched either sed expression pattern was output (value without matching key, values split by the delimiter), then grep would match any of that causing false-positives.
Resolved by piping the first sed expression into the next.
Fixes: #3358
Type of change
Checklist: