Skip to content

Release 1.3.16

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 05 Aug 21:22
1.3.16
201f51a

=== 1.3.16

  • Support for Ruby 3.0 and above. Drop ruby 2.6 and 2.7 support.
  • At startup, OCRAN no longer automatically removes directories that were previously deployed but couldn't be deleted. This change has been made to enhance security by preventing processes other than the startup process from manipulating temporary files created by them.
  • The ability for the stub to launch any script during the unpacking of application files has been removed. This feature was not in use.
  • The exit code from the Ruby application is now returned when the stub is terminated.
  • The packed data no longer contains redundant directory information.
  • Fixed errors in the --debug option.
  • Upgraded LZMA decoder to version 22.01
  • The directory generation for file extraction has been changed to use unique directory names created with high-resolution timestamps. Additionally, a retry limit for directory creation has been introduced, reducing the risk of infinite loops due to name collisions.
  • Implemented variable-length buffer handling for path strings in stub, eliminating the risk of buffer overruns dependent on MAX_PATH.
  • In order to reduce security risks during the cleanup process before application termination, we have implemented a safe current directory change from the system directory and the root of the C drive to the user's temporary directory and the directory of the app executable.
  • The 'stub' executable has been enhanced for security, ensuring it prevents directory traversal attacks by verifying that path elements do not contain relative notations like '.' or '..'.
  • Removed OcranBuilder and split functionality into StubBuilder and InnoSetupBuilder to introduce delayed loading and improve resource efficiency.
  • InnoSetup installer now operates independently of stub, launching through its own batch file.
  • Moved LibraryDetector to a separate file for modularity and implemented delayed loading with standardized Fiddle usage.
  • Update Bundler from 2.4.13 to 2.5.10.
  • Fixed issue where the gem.build_complete file was not included in the package due to an incorrect change.
  • Changed error output from standard output to standard error (stderr).
  • ocransa (Ocran-stand-alone) has been discontinued.
  • The implementation of bin/ocran.rb has been refactored and split into multiple files. These files have been relocated to the lib directory.
Assets 3
Loading