fix!: vulnerability issues #436
Merged
Commits on Jul 27, 2024
-
fix: stop portal packets still being forwarded to the client
Thanks to rooter.rs for notifying me of these issues :) Multiple people made me aware of this one, but they were the first :D For details see https://roote.rs/posts/advancedportals/
-
fix!: disable proxy detection to avoid vulnerabilities (see full comm…
…it for more info) If you are using 1.12 or lower you are unaffected as the features causing this issue were not implemented back then. Thanks to rooter.rs for notifying me of these issues as well as helping code and test a fix for this. Velocity was unaffected by this issue if you had the plugin on the proxy though due to the likelihood that may not be the case I have decided to disable this for everyone by default If you are on bungee you will 100% want to update to this version right away. For a full writeup by roote.rs see https://roote.rs/posts/advancedportals/
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.