github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 18:39:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): guard local media reads + accept all MEDIA path types (#5976) (thanks @buddyh)

Browse Source
This commit is contained in:
joshp123
2026-02-11 15:00:56 -08:00
parent f7c44755a8
commit dbd9b1e6bc
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -12,6 +12,7 @@ Docs: https://docs.openclaw.ai
### Fixes
- Security: guard local media reads with allowed directory roots to prevent file exfiltration; accept all `MEDIA` path types and defer validation to load time. (#5976) Thanks @buddyh.
- Ollama: use configured `models.providers.ollama.baseUrl` for model discovery and normalize `/v1` endpoints to the native Ollama API root. (#14131) Thanks @shtse8.
- Slack: detect control commands when channel messages start with bot mention prefixes (for example, `@Bot /new`). (#14142) Thanks @beefiker.
- Discord tests: use a partial @buape/carbon mock in slash command coverage. (#13262) Thanks @arosstale.