mirror of
https://github.com/farcasclaudiu/openclaw.git
synced 2026-06-29 11:02:12 +03:00
fix: harden host exec env validation (#4896) (thanks @HassanFleyah)
This commit is contained in:
Peter Steinberger
@@ -29,6 +29,7 @@ Docs: https://docs.openclaw.ai
|
||||
- Browser: secure Chrome extension relay CDP sessions.
|
||||
- Docker: use container port for gateway command instead of host port. (#5110) Thanks @mise42.
|
||||
- fix(lobster): block arbitrary exec via lobsterPath/cwd injection (GHSA-4mhr-g7xj-cg8j). (#5335) Thanks @vignesh07.
|
||||
- Security: block LD_/DYLD_ env overrides for host exec. (#4896) Thanks @HassanFleyah.
|
||||
- Security: harden web tool content wrapping + file parsing safeguards. (#4058) Thanks @VACInc.
|
||||
|
||||
## 2026.1.30
|
||||
|
||||
Reference in New Issue
Block a user