ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network
In ZeroNet before rev4188, the wrapper template variables were rendered incorrectly.
Result: The opened site was able to gain a WebSocket connection with unrestricted ADMIN/NOSANDBOX access, change configuration values, and possibly achieve RCE on the client's machine.
Fix: Fixed the template rendering code, disallowed WebSocket connections from unknown locations, restricted open_browser configuration values to avoid possible RCE in case of sandbox escape.
~ in filenames (by d14na)
{data} for data dir variable in trackers_file value
In ZeroNet 0.6.3 Rev3615 and earlier, as a result of invalid file type detection, a malicious site could escape the iframe sandbox.
Result: Browser iframe sandbox escape
Applied fix: Replaced the previous file-extension-based file type identification with a proper one.
Affected versions: All versions before ZeroNet Rev3616
as API command on different sites with Cors permission
--log_level to reduce log verbosity and IO load
--debug_gevent and turned on Gevent block logging by default
--download_optional auto argument to enable automatic optional file downloading for newly added site