curben/cloudflared-mirror

Author	SHA1	Message	Date
Hillwood Yang	59d512a293	fix: CVE-2024-45337: cloudflared: golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass ingolang.org/x/crypto	2024-12-14 19:17:51 +08:00
Chung-Ting	12dd91ada1	TUN-8052: Update go to 1.21.5 Also update golang.org/x/net and google.golang.org/grpc to fix vulnerabilities, although cloudflared is using them in a way that is not exposed to those risks	2023-12-15 12:17:21 +00:00
Devin Carr	81fe0bd12b	TUN-7628: Correct Host parsing for Access Will no longer provide full hostname with path from provided `--hostname` flag for cloudflared access to the Host header field. This addresses certain issues caught from a security fix in go 1.19.11 and 1.20.6 in the net/http URL parsing.	2023-07-25 09:33:11 -07:00

Author

SHA1

Message

Date

Hillwood Yang

59d512a293

fix: CVE-2024-45337: cloudflared: golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass ingolang.org/x/crypto

2024-12-14 19:17:51 +08:00

Chung-Ting

12dd91ada1

TUN-8052: Update go to 1.21.5

Also update golang.org/x/net and google.golang.org/grpc to fix vulnerabilities,
although cloudflared is using them in a way that is not exposed to those risks

2023-12-15 12:17:21 +00:00

Devin Carr

81fe0bd12b

TUN-7628: Correct Host parsing for Access

Will no longer provide full hostname with path from provided
`--hostname` flag for cloudflared access to the Host header field.
This addresses certain issues caught from a security fix in go
1.19.11 and 1.20.6 in the net/http URL parsing.

2023-07-25 09:33:11 -07:00

3 Commits