OpenList

v4.1.3 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 8mo File Storage & Sync

✓ No known CVEs patched

This release patches 1 known CVE

Topics

alist aliyunpan baidupan openlist

Affected surfaces

rce_ssrf

Summary

AI summary

Fixes Zip slip security vulnerability.

Full changelog

189PC,189TV:
- Add refreshToken and qrcode login - by @foxxorcat in https://github.com/OpenListTeam/OpenList/issues/1205 (c15ae)
alias:
- Support pass through provider - by @KirCute in https://github.com/OpenListTeam/OpenList/issues/1269 (bbb7c)
drivers:
- Add cnb_releases - by @xrgzs in https://github.com/OpenListTeam/OpenList/issues/1033 (f1a50)
- Add a driver that divides large files into multiple chunks - by @KirCute in https://github.com/OpenListTeam/OpenList/issues/1153 (3936e)
local:
- Auto create recycle dir if not exists - by @tursom in https://github.com/OpenListTeam/OpenList/issues/1244 (1fe26)
style:
- Add driver icons and disk usage - by @KirCute in https://github.com/OpenListTeam/OpenList/issues/1274 (cc16c)

123: Add get and list hash info - by @KirCute in https://github.com/OpenListTeam/OpenList/issues/1278 (61a8e)
ci: Add tag_name to upload assets step - by @Suyunmeng in https://github.com/OpenListTeam/OpenList/issues/1234 (433dc)
local: Cannot mkdir on specific platforms - by @KirCute in https://github.com/OpenListTeam/OpenList/issues/1304 (68433)
security: Zip slip - by @hshpy in https://github.com/OpenListTeam/OpenList/issues/1228 (c1d03)
stream: Http chucked upload issue - by @TwoOnefour in https://github.com/OpenListTeam/OpenList/issues/1152 (cbbb5)