mirror of
https://github.com/openwrt/packages.git
synced 2026-05-31 06:51:51 +08:00
Alexandru Ardelean
f662de1b96
Fixes symlink traversal vulnerability (CVE-2025-26625) that allowed writing files outside the repository on checkout/pull. Other changes since 3.5.1: - Add --refetch option to force re-download of LFS objects - Add --json and --dry-run options for fetch operations - Improve .netrc handling on Windows and macOS root CA support - Upgrade to Go 1.25 (requires Linux kernel 3.2+) Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>