mirror of
https://github.com/blakeblackshear/frigate.git
synced 2026-04-09 16:47:37 +03:00
b821420dee
* scrub genai API keys and onvif credentials from config endpoint
* enforce camera access in thumbnail tracked-object fallback
The /events/{id}/thumbnail endpoint called require_camera_access when
loading persisted events but skipped the check in the tracked-object
fallback path for in-progress events. A restricted viewer could
retrieve thumbnails from cameras they should not have access to.
* block filter and attach flags in custom ffmpeg export args
The ffmpeg argument blocklist missed -filter_complex, -lavfi, -vf,
-af, -filter, and -attach. These flags can read arbitrary files via
source filters like movie= and amovie=, bypassing the existing -i
block. A user with camera access could exploit this through the
custom export endpoint.
* enforce camera access on VLM monitor endpoint
POST /vlm/monitor allowed any authenticated user to start VLM
monitoring on any camera without checking camera access. A viewer
restricted to specific cameras could monitor cameras they should
not have access to.
* enforce camera access in chat start_camera_watch tool
The start_camera_watch tool called via POST /chat/completion did not
validate camera access, allowing a restricted viewer to start VLM
monitoring on cameras outside their allowed set through the chat
interface.
* restrict review summary endpoint to admin role
* fix require_role call passing string instead of list
* fix section config uiSchema merge replacing base entries
mergeSectionConfig was replacing the entire base uiSchema when a
level override (global/camera) also defined one, causing base-level
ui:after/ui:before directives to be silently dropped. This broke
the SemanticSearchReindex button which was defined in base uiSchema.
|
||
|---|---|---|
| .. | ||
| browserUtil.ts | ||
| cameraUtil.ts | ||
| canvasUtil.ts | ||
| chatUtil.ts | ||
| colorUtil.ts | ||
| configUtil.ts | ||
| credentialMask.ts | ||
| dateUtil.ts | ||
| go2rtcFfmpeg.ts | ||
| i18n.ts | ||
| iconUtil.tsx | ||
| isIFrame.ts | ||
| isPWA.ts | ||
| lifecycleUtil.ts | ||
| logUtil.ts | ||
| passwordUtil.ts | ||
| profileColors.ts | ||
| snapshotUtil.ts | ||
| storageUtil.ts | ||
| stringUtil.ts | ||
| timelineUtil.tsx | ||
| videoUtil.ts | ||
| wsUtil.ts | ||
| zoneEdutUtil.ts | ||