| Age | Commit message (Collapse) | Author |
|---|
|
A vulnerability in QtIFW produces improper ACLs to be set when
installing in custom locations. This can lead to privilege escalation if
a non-privileged user overwrites the openvpn binary. Thanks to
researchers at Tenable for finding and reporting this!
Impact is considered low-medium, since an installation outside of the
suggested path is needed to trigger the issue.
Privileged execution of openvpn should be abandoned in next release, in
favor of the interactive service.
A bug upstream should be filed since other projects could be affected by
this vulnerability too.
-Resolves: #569
|
|
|
|
- install into global /Applications
- document how to troubleshoot helper
- uninstall app is visible on top-level folder
- improve detection of running processes for old and new binaries
- Closes: #441
- Closes: #445
- Closes: #435
|
|
I kind of liked the "classic" style more (looks cleaner), but it looks
like we only can customize the logo etc with the "modern" look and feel
in windows.
I think the way to go would be to add a QStyleSheet to the installer
(and adding logo etc there), but I think that is going to take some
reading. this is not too bad for now, at least we can put logos to
differentiate riseup/calyx etc.
|
|
|
|
Several fixes for missing paths. Refactor qt installer; fetch pre-built
binaries from an existing installation on build system (needs to be
automated); add windows icon.
- Resolves: #362
|
|
|
