Skip to content

CraftOS-PC v2.8.3

Latest
Compare
Choose a tag to compare
@MCJack123 MCJack123 released this 16 Aug 12:03
· 11 commits to master since this release
33d29b9

CraftOS-PC v2.8.3 is primarily a security update that fixes a high severity vulnerability in the filesystem sandbox, as well as fixing a few miscellaneous bugs. Please update at your earliest convenience.

  • Updated CC:T version to 1.112.0
    • Add r+/w+ support to the io library.
    • Report a custom error when using ! instead of not.
    • Add cc.strings.split function.
    • Add missing bounds check to cc.strings.wrap (Lupus950).
  • Security: Fixed a vulnerability allowing filesystem sandbox escape (CVE-2024-43395)
  • Security: Fixed potential data leakage by enhancing type checks (CVE-2024-39840)
  • Fixed error when [[ appears in a [[ long string
  • Fixed setfenv not returning the function passed to it
  • Fixed regression causing debugger to not set hook on all coroutines in stack
  • Fixed exception in fs.list when non-ASCII names are present
  • Added status parameter to HTTP server res.setStatusCode
  • Fixed HTTP server request handles converting line endings
  • file.readAll now correctly returns nil on a second call
  • Fixed an exception when sending an empty WebSocket message (#365)

If you need help using CraftOS-PC, I'm available on the CraftOS-PC Discord server as @jackmacwindows. Feel free to leave a message there if you need anything.