Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game servers in isolated Docker containers while exposing a beautiful and intuitive UI to end users.
232a131448872837f29f285fa0f7be19b39062abf3a9ef617f4b985b03cc27a6 panel.tar.gz
18556850a8081e72e6b3daf8332483063ac8007922df52cefa35ce00b0095432 panel.tar.gz
b5026df64c100fca6e2845fc01f70f3b2767ac9965163df1efa3c10ef6c11266 panel.tar.gz
Due to the severity of the vulnerability fixed in this release the technical details of the underlying bug have been embargoed until October 6th, 2021 @ 12:00 PST. At that time the following security release will become public detailing the underlying details of the vulnerability.
GHSA-5vfx-8w6m-h3v4
(High Severity) (CVSS 3.1: 8.1)
d6a5e0297fc8f62b2983fd90f0e2865594a3145ee8b1aef5de8c05a3e4df7a56 panel.tar.gz
oom_disabled
field in the build
limits block for a server build so that Wings can pick it up.51f9d82b216ab860955cd6e24596c2f016d9811449f92c00a32bc08dd27e96b1 panel.tar.gz
User-Agent
header and an audit log is generated for the action.mount_node
, mount_server
and egg_mount
tables.PER_SCHEDULE_TASK_LIMIT
to allow manual overrides for the number of tasks that can exist on a single schedule. This is currently defaulted to 10
.WingsServerRepository::update()
function — if you were previously using this to modify server elements on Wings please replace calls to it with ::sync()
after updating Wings.a077f11e86fdf94db0b78c6b4a7e1984078d2d9e437458b1aeee3f2316660180 panel.tar.gz
eula
feature is specified.php artisan p:upgrade
not forcing and seeding while running migrations.4a32b6a08f67064bd7c49aa266144ca8baab8ee661442ba9b8030d35c992cbfb panel.tar.gz
start_on_completion
to Wings instance.z-index
on file mass delete modal so it is displayed on top of all elements, rather than hidden under some.ghcr.io
yolks repository.userInteraction
key from eggs which was unused.f0a39543e21664c0354ee04c46ace8993e0c0cfba966d3825c29700a148ad65b panel.tar.gz
IF
statements in database queries when a database user is created through the Panel.uuidShort
field rather than only the uuid
field.b13ac4ad0a01628d0dba8369b12eeeaa38d59b3abdc09daa900d3beb02e92b19 panel.tar.gz
p:upgrade
command.1a8fb006fdfe04f06f5acdb13aafcde03b885613ce9aed9f14b62c103647bce2 panel.tar.gz