2021-03-07 0.9.36
* Fix sf.net issue #5 - its possible to issue a PUT request
without a CONTENT-TYPE. Assume an octet-stream in that case.
* Change the Prefix for variables to be the REQUEST_METHOD
(PUT/DELETE/GET/POST)
**** THIS IS A BREAKING CHANGE vs 0.9.33 ****
* Mitigations vs running haserl to get access to files not
available to the user.
- Fix CVE-2021-29133: Lack of verification in haserl, a component of
Alpine Linux Configuration Framework, before 0.9.36 allows local users
to read the contents of any file on the filesystem.
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
661ce9aac9