masterdraco/IPTV-Updates
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
afdca1c616c0467d8489a2f615b630f3e00aceac
IPTV-Updates/v2.7.7.json
root c5b55a3e7c Add v2.7.7 critical security patch
2025-09-22 14:33:29 +00:00

73 lines
2.5 KiB
JSON
Raw Blame History

{
"version": "2.7.7",
"release_date": "2025-09-22",
"severity": "critical",
"description": "Critical Security Fix - Hardware ID Isolation",
"changelog": [
"CRITICAL: Fixed security vulnerability where Hardware IDs were synchronized between servers through Redis",
"SECURITY: Each server now maintains completely isolated license state using hardware_id-specific Redis keys",
"SECURITY: Prevents license sharing between cloned VMs or servers sharing Redis instance",
"FIX: Hardware IDs no longer stored in global Redis keys",
"FIX: All license data now scoped to individual hardware_id namespaces",
"FIX: Updated license_validator.py to use hardware_id-specific cache keys",
"FIX: Updated license_manager.py to always use local hardware_id",
"FIX: Updated demo_middleware.py to use hardware_id-specific keys",
"FIX: Updated app.py license refresh to clear hardware_id-specific cache",
"ENHANCEMENT: Added security comments throughout codebase"
],
"files": [
{
"path": "app/license_validator.py",
"action": "update",
"content": "# File content will be retrieved from repository"
},
{
"path": "app/license_manager.py",
"action": "update",
"content": "# File content will be retrieved from repository"
},
{
"path": "app/demo_middleware.py",
"action": "update",
"content": "# File content will be retrieved from repository"
},
{
"path": "app/app.py",
"action": "update",
"content": "# Partial update - license refresh endpoint only"
},
{
"path": "app/startup_fix.py",
"action": "update",
"content": "# Updated version to 2.7.7"
},
{
"path": "app/version.py",
"action": "update",
"content": "# Updated fallback version to 2.7.7"
},
{
"path": "app/VERSION",
"action": "update",
"content": "2.7.7"
}
],
"requirements": {
"min_version": "2.7.0",
"restart_required": true,
"clear_redis_required": true
},
"install_instructions": [
"1. This patch fixes a critical security vulnerability",
"2. Stop all services before applying",
"3. Apply the patch",
"4. Clear Redis license keys: redis-cli --scan --pattern 'license:*' | xargs redis-cli del",
"5. Restart all services",
"6. Each server will regenerate its own isolated license state"
],
"rollback_instructions": [
"1. Restore previous version files",
"2. Restart services",
"Note: Rolling back will re-introduce the security vulnerability"
]
}
Reference in New Issue View Git Blame Copy Permalink