was hoping to finish the IdP stuff during 37c3 but that fell through, so here's all the other recent fixes instead -- happy newyears
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
no vulnerabilities since 2023-07-23
- there is a discord server with an
@everyonein case of future important updates - v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
new features
- #66 new permission
.to grant access to see dotfiles (hidden files) to specific users- and new volflag
dotsto grant access to all users withread -edstill behaves like before (anyone withrcan see dotfiles in all volumes)
- and new volflag
- #70 new permission
A(alias ofrwmda.) grants read/write/move/delete/admin/dotfiles - #67 folder thumbnails can be dotfiles (
.cover.jpg,.folder.png) if the database is enabled (-e2dsa) - new option
--u2jto specify default number of parallel file uploads in the up2k browser client- default (2) is good on average; 16 can be good when most uploaders are overseas
- curl gets plaintext 404/403 messages
bugfixes
- cors-checking is disabled if the
PWheader is provided, just like the readme always claimed - server would return
200 OKwhile trying to return a file that is unreadable due to filesystem permissions --xdevstill doesn't work on windows, but at least now it doesn't entirely break filesystem indexing- fix tiny resource leak due to funky dualstack on macos
other changes
- logfiles are padded to align messages when
-qis specified, similar to current/previous behavior without-q --hdr-au-usrwas renamed to--idp-h-usrin preparation for other--idpthings- any mentions of
--hdr-au-usrare translated to the new name on startup
- any mentions of
regarding fedora packages
fedora is currently not maintaining the copr-pypi build servers and they died;
if you installed copyparty from copr-pypi, you can upgrade to this release by running one of the following:
dnf install https://ocv.me/copyparty/fedora/37/python3-copyparty.fc37.noarch.rpm
dnf install https://ocv.me/copyparty/fedora/38/python3-copyparty.fc38.noarch.rpm
dnf install https://ocv.me/copyparty/fedora/39/python3-copyparty.fc39.noarch.rpm💾 what to download?
| download link | is it good? | description |
|---|---|---|
| copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
| a docker image | it's ok | good if you prefer docker 🐋 |
| copyparty.exe | ⚠️ acceptable | for win8 or later; built-in thumbnailer |
| u2c.exe | ⚠️ acceptable | CLI uploader as a win7+ exe (video) |
| copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
| cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |