Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • increment
  • upstream_obfs4
  • obfs4_over_kcp
  • ci_fixes
  • bug/stop-fw-osx
  • feat/drawer-implementation
  • osx-fonts
  • feat/ui-redesign
  • master
  • 0.21.11
  • 0.21.6
  • 0.21.2
  • 0.20.4
  • 0.20.1
  • 0.19.11
  • 0.19.6
  • 0.19.2
  • 0.19.1
  • 0.18.12
  • 0.18.11
  • 0.18.10
  • 0.18.9
  • 0.0.1
  • 0.0
25 results
Search by author
  • Any Author
0 authors
  1. Mar 15, 2022
    • Sam Whited's avatar
      Remove dependency on statik and use go:embed · a0f8afb9
      Sam Whited authored 
      
This removes a dependency by using the built-in go:embed functionality
introduce in Go 1.16 instead of statik for embedding files.
This means that Go 1.16+ would now be required to build the VPN.

Signed-off-by: default avatarSam Whited <sam@samwhited.com>
      a0f8afb9
    • Sam Whited's avatar
      Remove vendor from git · 2d95d4d0
      Sam Whited authored 
      
Previously we saved the vendor tree in version control, making any
commit that changed a dependency rather large.
Go Modules gives us most of the advantages of vendoring except that if a
dependency which is not stored on the proxy is deleted we would lose
access to it.
For now, we can remove the vendor tree and when we get CI working again
we can possibly generate and save the vendor tree as a build artifact.

Signed-off-by: default avatarSam Whited <sam@samwhited.com>
      2d95d4d0
  3. Feb 28, 2022
  5. Feb 02, 2022
  7. Dec 22, 2021
  9. Dec 20, 2021
  11. Dec 16, 2021
  13. Dec 15, 2021
    • Kali Kaneko's avatar
      [pkg] fix calyx build for osx · a114b25c
      Kali Kaneko authored and Kali Kaneko's avatar Kali Kaneko committed 
      - binary name is different in the osx bundle, theme won't load
- calyx is not ready for tls 1.2 yet
      a114b25c
    • Kali Kaneko's avatar
      [pkg] bump debian version · f336f8f0
      Kali Kaneko authored
      View commits for tag 0.21.11 0.21.11
      f336f8f0
    • kali's avatar
      [bug] avoid installing in custom paths · e694a038
      kali authored and Kali Kaneko's avatar Kali Kaneko committed 
      A vulnerability in QtIFW produces improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!

Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.

Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.

A bug upstream should be filed since other projects could be affected by
this vulnerability too.

-Resolves: #569
      e694a038
  15. Dec 14, 2021
  17. Dec 13, 2021
  19. Dec 10, 2021
  21. Dec 09, 2021
  23. Dec 08, 2021