dont ban the pipes
the previous release had all the fun new features... this one's just bugfixes
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
no vulnerabilities since 2023-07-23
- there is a discord server with an @everyone in case of future important updates
- v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
bugfixes
- less aggressive rejection of requests from banned IPs 51d3158
  - clients would get kicked before the header was parsed (which contains the xff header), meaning the server could become inaccessible to everyone if the reverse-proxy itself were to "somehow" get banned
    - ...which can happen if a server behind cloudflare also accepts non-cloudflare connections, meaning the client IP would not be resolved, and it'll ban the LAN IP instead heh
      - that part still happens, but now it won't affect legit clients through the intended route
  - the old behavior can be restored with --early-ban to save some cycles, and/or avoid slowloris somewhat
- the unpost feature could appear to be disabled on servers where no volume was mapped to / 0287c7b
- python 3.12 support for compiling the dependencies necessary to detect bpm/key in audio files 32553e4
other changes
- mention real-ip configuration in the readme ee80cdb
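
The ban-ordering fix under bugfixes, sketched as an added example (not copyparty's own code): checking the ban list against the TCP peer before the headers are parsed locks out everyone behind a banned reverse-proxy, while checking after resolving the xff header only blocks the actual offender. The function names, the trusted-proxy range and all addresses are assumptions made up for the illustration.

```python
import ipaddress

# All names and addresses below are constructed for illustration.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]  # assumed reverse-proxy range
BANNED = {"10.0.0.2", "203.0.113.50"}  # the proxy's LAN IP got banned by accident


def resolve_client_ip(peer_ip, headers):
    """Return the IP that bans should apply to.

    X-Forwarded-For is honoured only when the TCP peer is a trusted proxy;
    otherwise a direct client could spoof it to dodge or redirect a ban.
    """
    peer = ipaddress.ip_address(peer_ip)
    xff = headers.get("x-forwarded-for", "")
    if xff and any(peer in net for net in TRUSTED_PROXIES):
        # with a single proxy hop, the rightmost entry is the one it appended
        candidate = xff.split(",")[-1].strip()
        try:
            return str(ipaddress.ip_address(candidate))
        except ValueError:
            pass  # malformed header: fall back to the peer address
    return peer_ip


def accept_request(peer_ip, raw_headers, early_ban=False):
    """Decide whether to serve a request; returns (allowed, ip_checked)."""
    if early_ban and peer_ip in BANNED:
        # cheap: rejects before any parsing, but only ever sees the TCP peer
        return False, peer_ip
    headers = {}
    for line in raw_headers.split("\r\n"):
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    ip = resolve_client_ip(peer_ip, headers)
    return ip not in BANNED, ip
```

A request that arrives from the banned proxy without a usable xff header is still rejected in both modes, which matches the "that part still happens" note above.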