Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2026-02-06 16:03:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

security: multiple reported CVE fixes (#1515)

Browse Source 
* update out of date license

* update typing / refactor

* fix arbitrarty path injection

* use markdown sanatizer to prevent XSS CWE-79

* fix CWE-918 SSRF by validating url and mime type

* add security docs

* update recipe-scrapers

* resolve DOS from arbitrary url

* update changelog

* bump version

* add ref to #1506

* add #1511 to changelog

* use requests decoder

* actually fix encoding issue
This commit is contained in:
Hayden
2022-07-31 13:10:20 -08:00
committed by GitHub
parent 483f789b8e
commit 13850cda1f
23 changed files with 401 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mealie/core/settings/static.py
View File

@@ -1,6 +1,6 @@
from pathlib import Path
APP_VERSION = "v1.0.0beta-3"
APP_VERSION = "v1.0.0beta-4"
CWD = Path(__file__).parent
BASE_DIR = CWD.parent.parent.parent