nightly-e3e7fcf3-ls158
Pre-release
Pre-release
6afc226
This commit was signed with the committer’s verified signature.
LinuxServer-CI
LinuxServer.io CI
CI Report:
https://ci-tests.linuxserver.io/linuxserver/sabnzbd/nightly-e3e7fcf3-ls158/index.html
LinuxServer Changes:
No changes
Remote Changes:
Prevent path traversal in orphaned job APIs
Adds security checks to _api_delete_orphan and _api_add_orphan endpoints
to ensure that operations are restricted strictly to the download directory.
This mitigates potential path traversal vulnerabilities, preventing
unauthorized file deletion or modification outside the intended scope.
Reported as GHSA-hxwh-mmrg-p8f5