mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-05 19:42:38 +02:00
Commit graph

1349 commits

Author SHA1 Message Date
DanieL
21fed6e0b7 TALOS Security Advisory for WWBN (TALOS-2022-1551, TALOS-2022-1550, TALOS-2022-1549, TALOS-2022-1548, TALOS-2022-1547, TALOS-2022-1546, TALOS-2022-1545, TALOS-2022-1542, TALOS-2022-1540 - TALOS-2022-1534)
Should all be good now
2022-07-07 17:24:20 -03:00
DanieL
9aa42af950 TALOS-2022-1542 2022-07-07 13:58:55 -03:00
DanieL
45bc0f6f19 TALOS-2022-1540 2022-07-07 13:45:14 -03:00
DanieL
f381be9c73 TALOS-2022-1536 2022-07-07 12:44:48 -03:00
DanieL
790535e97c https://github.com/WWBN/AVideo/issues/6828 2022-07-07 12:08:44 -03:00
Daniel
e1ff65925b Improve 2022-07-07 09:39:14 -03:00
Daniel
fbbed16ebc Do not stop the site if the request does not come from same domain 2022-07-07 09:36:47 -03:00
DanieL
3488e055c3 https://github.com/WWBN/AVideo/issues/6825 2022-07-06 22:41:57 -03:00
DanieL
a3da7024f9 New Password Security improvements 2022-07-06 21:41:01 -03:00
DanieL
1b84f3caf9 Debug help 2022-07-06 20:43:16 -03:00
DanieL
34f60438dc Fix 2022-07-06 20:25:22 -03:00
DanieL
09faf94e33 Fix 2022-07-06 20:18:45 -03:00
DanieL
18e9e053cf Fixes 2022-07-06 20:04:51 -03:00
Daniel
22ff28a4e1 Reject PHP files 2022-07-06 19:11:44 -03:00
Daniel
395b913924 TALOS-2022-1550 The realpath must not be inside tmp or inside avideo folder 2022-07-06 19:09:04 -03:00
Daniel
2079703b24 TALOS-2022-1549 2022-07-06 18:45:19 -03:00
Daniel
a34aacf218 TALOS-2022-1548 2022-07-06 18:15:11 -03:00
Daniel
a8ac165638 TALOS-2022-1547
-: [all but Acorn, VM/CMS, MVS, Tandem] allows to extract archive members into locations outside of the current "extraction root folder". For security reasons, unzip normally removes "parent dir" path components ("../") from the names of extracted file. This safety feature (new for version 5.50) prevents unzip from accidentally writing files to "sensitive" areas outside the active extraction folder tree head. The -: option lets unzip switch back to its previous, more liberal behaviour, to allow exact extraction of (older) archives that used "../" components to create multiple directory trees at the level of the current extraction folder. This option does not enable writing explicitly to the root directory ("/"). To achieve this, it is necessary to set the extraction target folder to root (e.g. -d / ). However, when the -: option is specified, it is still possible to implicitly write to the root directory by specifying enough "../" path components within the zip archive. Use this option with extreme caution.
2022-07-06 18:10:54 -03:00
Daniel
5926675a51 TALOS-2022-1542 2022-07-06 17:50:45 -03:00
Daniel
ffe53e8d4c Add an option to bypass 2022-07-06 17:10:34 -03:00
Daniel
b9ca3f3e25 TALOS-2022-1536 now all the requests to save or delete must be made from the same domain as AVideo 2022-07-06 17:08:59 -03:00
Daniel
01b466dd4e TALOS-2022-1535 Update the current session id with a newly generated one 2022-07-06 17:00:55 -03:00
Daniel
471c47998f TALOS-2022-1535 now if a user is already logged, he will not be able to change the session ID 2022-07-06 16:53:02 -03:00
DanieL
dec67392bd https://github.com/WWBN/AVideo/issues/6777 2022-07-06 15:45:54 -03:00
DanieL
0be817d339 Debug send email 2022-07-06 10:34:03 -03:00
DanieL
7cf0b9503c Fix the android player 2022-07-05 18:04:54 -03:00
DanieL
834de473d7 You now can select videos to NOT play ads 2022-07-01 12:03:00 -03:00
DanieL
1e95204208 Show video files on API for livevideos 2022-06-30 17:49:10 -03:00
Daniel
2f66377b59 fix 2022-06-29 13:44:47 -03:00
Daniel
dca63c89e5 avoid error 2022-06-28 15:12:38 -03:00
Daniel
4a400601ea https://github.com/WWBN/AVideo/issues/6797 2022-06-28 09:20:20 -03:00
Daniel
c1349eef5a Merge branch 'master' of https://github.com/WWBN/AVideo 2022-06-28 09:17:07 -03:00
Daniel
5229511f93 https://github.com/WWBN/AVideo/issues/6797 2022-06-28 09:16:57 -03:00
DanieL
40b6205742 Updates 2022-06-27 19:10:40 -03:00
DanieL
2424037d42 Updates 2022-06-27 19:08:26 -03:00
DanieL
4961ba4c30 Updates 2022-06-27 18:57:24 -03:00
DanieL
2d4c8eeff2 Updates 2022-06-27 17:50:28 -03:00
DanieL
cf9babd83a Updates 2022-06-27 17:43:15 -03:00
DanieL
e39d834f01 Updates 2022-06-27 16:33:43 -03:00
DanieL
cb8b678230 Updates 2022-06-27 16:01:50 -03:00
DanieL
63913f739a Updates 2022-06-27 15:57:32 -03:00
DanieL
e016f4933c Updates 2022-06-27 15:56:14 -03:00
DanieL
c15c8253ce Updates 2022-06-27 15:47:34 -03:00
DanieL
32215c34f7 Updates 2022-06-27 15:34:45 -03:00
DanieL
717208c029 Updates 2022-06-27 15:30:37 -03:00
DanieL
5013a66c63 Updates 2022-06-27 15:29:40 -03:00
DanieL
0e065f3470 Updates 2022-06-27 15:25:55 -03:00
DanieL
71f27d6437 Updates 2022-06-27 15:18:01 -03:00
DanieL
5427baf8f4 Improve download from CDN 2022-06-27 13:24:43 -03:00
DanieL
a43ca7f0b5 Improve download from CDN 2022-06-27 13:12:26 -03:00