Skip to content

v3.2.3 - API hardening release

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 27 Oct 17:06
· 1 commit to bullseye64 since this release
v3.2.3
4884e28
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

The purpose of this release is to update the default behavior for API access. External access is now disabled by default, effectively limiting API access only to processes on the same device, such as webui to core.

For additional relevant notes and considerations, see the previous v3.2.2 release notes.

Changes

  • API access hardening by removing the allow rule from iptables firewall rules in pi-gen. This effectively removes external access to the API by default. The wlanpi-core package will manage any needed firewall rules moving forward.
  • SHA256 checksum are now generated and available. Note that the checksum corresponds to the zip file containing the WLAN Pi OS image, not the image file itself.

Credits

Contributors

MichaelKetchel and joshschmelzle
Assets 6
Loading