Upstream/esphome-docs
1
0
Fork 0
mirror of https://github.com/esphome/esphome-docs.git synced 2025-02-28 03:41:57 +01:00
Code Issues Projects Releases Wiki Activity

Update changelog for 2021.9.2

Browse Source
This commit is contained in:
Jesse Hills 2021-09-28 15:50:33 +13:00
parent 065b06e280
commit cc28fda938
No known key found for this signature in database
GPG Key ID: BEAAE804EFD8E83A
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
changelog/2021.9.0.rst
View File

@ -15,6 +15,14 @@ ESPHome 2021.9.0 - 15th September 2021
ST7920, components/display/st7920, st7920.jpg
Web Server Vulnerability
------------------------
It was brought to our attention by :ghuser:`andir` that the :doc:`/components/web_server` had a vulnerability in that
the OTA form could be POST'd to without the basic auth credentials set in the ``web_server`` configuration.
If you use the ``web_server`` and rely on the credentials for security, then you need to upgrade to 2021.9.2 or
disable the ``web_server`` completely.
`Home Assistant Amber <https://home-assistant.io/amber>`__
----------------------------------------------------------
@ -66,6 +74,13 @@ Release 2021.9.1 - September 20
- Add readv and writev for more efficient API packets :esphomepr:`2342` by :ghuser:`OttoWinter`
- Clean-up sensor integration :esphomepr:`2275` by :ghuser:`oxan`
Release 2021.9.2 - September 28
-------------------------------
- Bump aioesphomeapi to 9.1.1 :esphomepr:`2350` by :ghuser:`OttoWinter`
- Midea fix :esphomepr:`2395` by :ghuser:`dudanov`
- Fix lint issues in web_server_base :esphomepr:`2409` by :ghuser:`jesserockz`
Full list of changes
--------------------