diff --git a/website/docs/changelog/0.3.5.md b/website/docs/changelog/0.3.5.md index 67a216cd..c31bd79c 100644 --- a/website/docs/changelog/0.3.5.md +++ b/website/docs/changelog/0.3.5.md 
@@ -13,6 +13,16 @@ Not yet released. - [Error IDs](https://i.postimg.cc/dtC3M7Mq/500.png) to help administrators trace OpenPanel errors with the new command [`opencli error`](https://dev.openpanel.com/cli/error.html). - [`opencli domais-delete` command](https://dev.openpanel.com/cli/domains.html#Delete-Domain). +### ️🚨 Security fixes +- *Insecure Permission Modification via Fix Permission Function* – vulnerability in 'OpenPanel > Files > Fix Permissions' allowed an attacker to access other files outside of the `/home/username/` directory within the user's container. +- *Remote Code Execution via Fix Permission* – vulnerability in 'OpenPanel > Files > Fix Permissions' allowed an attacker to execute commands inside the OpenPanel UI container which is accessible to all users. +- *Remote Code Execution via Change Time Zone* – vulnerability in 'OpenPanel > Server > Change TimeZone' allowed an attacker to execute commands inside the OpenPanel UI container which is accessible to all users. +- *Unauthorized File Access via Copy Function* – vulnerability in 'copy' function on the 'OpenPanel > File Manager' page allowed an attacker to access files from the OpenPanel UI container. +- *Unauthorized File Access via Compress Function* – vulnerability in 'compress' function on the 'OpenPanel > File Manager' page allowed an attacker to compress files from the OpenPanel UI container. +- *Unauthorized File Access* – vulnerability in the url parsing on 'OpenPanel > File Manager' page allowed an attacker to access files from the OpenPanel UI container. +- *Unauthorized File Access via Download Function* – vulnerability in 'download' function on the 'OpenPanel > File Manager' page allowed an attacker to download files from the OpenPanel UI container. +- *Unauthorized File Access via View Function* – path traversal vulnerability in 'view file' function on the 'OpenPanel > File Manager' page allowed an attacker to manipulate the file path and view files from the OpenPanel UI container. 
+ ### 🐛 Bug fixes - [#66](https://github.com/stefanpejcic/OpenPanel/issues/66), [#265](https://github.com/stefanpejcic/OpenPanel/issues/265), [#266](https://github.com/stefanpejcic/OpenPanel/issues/266), [#268](https://github.com/stefanpejcic/OpenPanel/issues/268), [#269](https://github.com/stefanpejcic/OpenPanel/issues/269), [#271](https://github.com/stefanpejcic/OpenPanel/issues/271) - Fixed bugs with [install script on Debian12 Hetzner ISO](https://community.openpanel.org/d/110-installation-issue/6). 
@@ -24,13 +34,3 @@ Not yet released. - Optimized `openpanel/openpanel:latest` docker image. - `git` and `apparmor` are now installed automatically on Debian12. -### ️🚨 Security fixes -- *Insecure Permission Modification via Fix Permission Function* – vulnerability in 'OpenPanel > Files > Fix Permissions' allowed an attacker to access other files outside of the `/home/username/` directory within the user's container. -- *Remote Code Execution via Fix Permission* – vulnerability in 'OpenPanel > Files > Fix Permissions' allowed an attacker to execute commands inside the OpenPanel UI container which is accessible to all users. -- *Remote Code Execution via Change Time Zone* – vulnerability in 'OpenPanel > Server > Change TimeZone' allowed an attacker to execute commands inside the OpenPanel UI container which is accessible to all users. -- *Unauthorized File Access via Copy Function* – vulnerability in 'copy' function on the 'OpenPanel > File Manager' page allowed an attacker to access files from the OpenPanel UI container. -- *Unauthorized File Access via Compress Function* – vulnerability in 'compress' function on the 'OpenPanel > File Manager' page allowed an attacker to compress files from the OpenPanel UI container. -- *Unauthorized File Access* – vulnerability in the url parsing on 'OpenPanel > File Manager' page allowed an attacker to access files from the OpenPanel UI container. -- *Unauthorized File Access via Download Function* – vulnerability in 'download' function on the 'OpenPanel > File Manager' page allowed an attacker to download files from the OpenPanel UI container. -- *Unauthorized File Access via View Function* – path traversal vulnerability in 'view file' function on the 'OpenPanel > File Manager' page allowed an attacker to manipulate the file path and view files from the OpenPanel UI container. -
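Review bot: in hunk `@@ -13,6 +13,16 @@` the relocated `### ️🚨 Security fixes` heading still carries a stray invisible variation-selector character between `### ` and `🚨` (visible as `️🚨` in the diff), and none of the eight entries gives an advisory link, an identifier, or an affected-version range, so on a page that says "Not yet released" an administrator cannot tell which installed versions are exposed or that every release before 0.3.5 should be treated as vulnerable; suggest dropping the stray character, adding a one-line "affects all releases prior to 0.3.5" statement under the heading, and linking each entry to its GitHub security advisory or CVE where one exists rather than leaving only the titles. Two smaller wording points in the same block: the sixth entry is titled `*Unauthorized File Access*` with no `via ...` qualifier while every sibling has one (suggest `*Unauthorized File Access via URL Parsing*`, matching its own description), and the two RCE entries say the UI container "is accessible to all users", which should state explicitly whether one container is shared by all hosting accounts, since that is what makes these cross-tenant rather than single-account issues.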
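Review bot: the removal in hunk `@@ -24,13 +34,3 @@` is the line-for-line counterpart of the block added in the first hunk, so this change is a pure relocation of the Security fixes section from the bottom of the page to above `### 🐛 Bug fixes`; the only additional line dropped is the trailing empty `-` line, which leaves the file ending on the `git` and `apparmor` bullet, so check that the final newline is still present. Since a reviewer scanning only the red block could read it as the security disclosures being deleted, the commit or PR description should say this is a move with no text changes.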