1.5.10.41
This is the initial release in the new ‘stable’ branch. Provided there are no reports of issues from community testers, we plan to automate monthly releases from the ‘staging’ branch (dev-branch) into the stable branch. These releases will include security patches, bug fixes, and feature enhancements for the general FOG userbase at a pace closer to how they are developed. This first manual release ensures a secure installation path following recent security issues that have been patched and registered as CVEs; they are listed below.
See also https://forums.fogproject.org/category/25/security-advisories
Security fixes
- CVE-2024-39914 - Command injection in /fog/management/export.php?filename=
- CVE-2024-39916 - NFS server misconfiguration allows file access outside the exported directory
- CVE-2024-34477 - NFS share - Privilege Escalation
- CVE-2024-41108 - Sensitive Information Disclosure
- CVE-2024-40645 - Authenticated File Upload RCE
- CVE-2024-41954 - Weak file permissions
- CVE-2023-46237 - Path traversal via unauthenticated endpoint
- CVE-2023-46236 - SSRF via unauthenticated endpoint(s)
- CVE-2023-46235 - Stored XSS on log screen via unsanitized request logging
Note: All these security fixes also apply to the latest beta version available in the working-1.6 branch.
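For administrators checking whether a given server has picked up these fixes, the following script is an added example written for these notes (it is not FOG's own code). It compares the version string a server reports against 1.5.10.41 and lists which of the advisories above still apply. It assumes the version string has the dotted form used on this page ("1.5.10", "1.5.10.41"); a working-1.6 beta string such as "1.6.0-beta" is an assumed format, and because the notes give no build number for the beta, such installs are flagged for manual verification rather than marked patched.

```python
"""Compare a FOG server's reported version against the 1.5.10.41 stable
release and list which of that release's security advisories still apply.

Added example for these release notes, not FOG project code. Version
formats other than "major.minor.patch[.build]" are an assumption.
"""
import re
from typing import Dict, List, Tuple

PATCHED_STABLE = "1.5.10.41"

# CVE identifiers and summaries exactly as listed in the release notes.
ADVISORIES: List[Tuple[str, str]] = [
    ("CVE-2024-39914", "Command injection in /fog/management/export.php?filename="),
    ("CVE-2024-39916", "NFS server misconfiguration allows file access outside the exported directory"),
    ("CVE-2024-34477", "NFS share - Privilege Escalation"),
    ("CVE-2024-41108", "Sensitive Information Disclosure"),
    ("CVE-2024-40645", "Authenticated File Upload RCE"),
    ("CVE-2024-41954", "Weak file permissions"),
    ("CVE-2023-46237", "Path traversal via unauthenticated endpoint"),
    ("CVE-2023-46236", "SSRF via unauthenticated endpoint(s)"),
    ("CVE-2023-46235", "Stored XSS on log screen via unsanitized request logging"),
]

# Leading "v" is tolerated; anything after the dotted digits (e.g. "-beta") is ignored.
_VERSION_RE = re.compile(r"^v?(\d+(?:\.\d+)*)")


def parse_version(text: str) -> Tuple[int, ...]:
    """Return the numeric dotted prefix of a version string as an int tuple.
    "1.5.10.41" -> (1, 5, 10, 41); "1.6.0-beta" -> (1, 6, 0)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_at_least(have: Tuple[int, ...], want: Tuple[int, ...]) -> bool:
    """Compare dotted versions. Missing trailing components count as zero,
    so 1.5.10 is treated as 1.5.10.0 and is older than 1.5.10.41."""
    width = max(len(have), len(want))

    def pad(v: Tuple[int, ...]) -> Tuple[int, ...]:
        return v + (0,) * (width - len(v))

    return pad(have) >= pad(want)


def assess(version_text: str) -> Dict[str, object]:
    """Classify a reported version.

    Returns a dict with the branch, a 'patched' flag (True/False for the
    stable line, None when it cannot be decided from the version alone) and
    the CVE ids an administrator still needs to verify or remediate."""
    v = parse_version(version_text)
    all_cves = [cve for cve, _ in ADVISORIES]
    if v[:2] == (1, 6):
        # The notes say the fixes are in the *latest* working-1.6 beta but give
        # no build number, so a 1.6 install must be confirmed by hand.
        return {"version": version_text, "branch": "working-1.6",
                "patched": None, "advisories_to_verify": all_cves}
    patched = version_at_least(v, parse_version(PATCHED_STABLE))
    return {"version": version_text, "branch": "stable",
            "patched": patched,
            "advisories_to_verify": [] if patched else all_cves}


if __name__ == "__main__":
    # Constructed sample inputs; replace with the version your server reports.
    for sample in ("1.5.10", "1.5.10.41", "1.6.0-beta"):
        result = assess(sample)
        state = {True: "patched", False: "NOT patched", None: "verify manually"}[result["patched"]]
        print(f"{sample:<12} {result['branch']:<12} {state:<16} "
              f"{len(result['advisories_to_verify'])} advisories to check")
```

The comparison pads shorter versions with zeros on purpose: the previous stable release is simply "1.5.10", and a naive string comparison would otherwise rank it after "1.5.10.41".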
What's Changed
- FIX #567 ldap plugin with PHP 8 by @tomamplius in #570
- FIX : Failed to open stream : No such file or directory by @tomamplius in #569
- fix php8.2 error by @tomamplius in #573
- Dev branch - Fix spelling error (ilke to like) by @lukebarone in #580
- Update version number - BF by @lukebarone in #581
- Argument parsing loop rewrite & fix double dash arguments by @rluzuriaga in #585
- Add experimental kernel update, Initrd Update settings page, and ARM kernel version information by @rluzuriaga in #588
- refactor: quality of life menu order preview improvement by @alryaz in #579
Additional Info/Optional Changes
- If you use the new experimental Kernel/Init update system to update to the latest kernel, the FOS and iPXE systems now respect the pass-through MAC address when a USB Ethernet adapter is used on a system with pass-through MAC (also called MAC emulation) enabled in the BIOS/firmware settings. This simplifies workflows when imaging devices that have no built-in Ethernet adapter but do support MAC address pass-through for their supported adapters.
New Contributors
- @tomamplius made their first contribution in #570
- @rluzuriaga made their first contribution in #585
- @alryaz made their first contribution in #579
Full Changelog: 1.5.10...1.5.10.41