1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

1357 commits

Author SHA1 Message Date
Pete Batard
6a45a678b3 [ui] ensure that the same drive is re-selected on device refresh 2017-10-23 17:09:18 +01:00
embar-
1af0e16e91 [loc] update Lithuanian translation
* Closes #1034
2017-10-13 16:38:57 +01:00
Will Thompson
88631806da [cmp] propagate decompression errors from bled
* If, for example, you have a truncated gz-compressed file and try to
  write it to disk, bled_uncompress_with_handles() will return an error.
  Previously, this was not reported back to the user.
* Closes #1040
2017-10-13 10:48:37 +01:00
Pete Batard
293440b2e9 [pki] fix a minor initialization issue 2017-10-13 10:47:26 +01:00
jzeferino
7f82dbf0fc [loc] fix some Portuguese (Portugal) translation
* Closes #1032
2017-10-03 14:08:03 +02:00
Andrea Wood
bb311f0042 [loc] update Danish translation to latest 2017-09-28 19:10:14 +02:00
Pete Batard
8286a0f63a [core] add a cheat mode to reset the current USB device (cycle port)
* Will not work on Vista, Windows 7 or Server 2008
* Also update Windows version info
2017-09-15 13:56:01 +01:00
Pete Batard
13ba3e75b3 [misc] fix VS2017 code analysis warnings
* Also set rufus-next to 2.18
2017-09-14 19:06:04 +01:00
Pete Batard
44c9cb0b82 [iso] add support for ISO9660 multiextent files
* Closes #1007
2017-09-14 17:36:54 +01:00
Pete Batard
14d2a629c9 v2.17 (build 1198) 2017-09-12 10:48:10 +01:00
Pete Batard
92c05556d1 [iso] add a warning for unsupported multi-extent ISO-9660 files
* This is related to issue #1007, which libcdio still needs to fix.
2017-09-11 19:06:51 +01:00
Pete Batard
e3fbfb30d3 [pki] add country code validation on signature check
* Also validate against the CN rather than the simple name, and require an exact match
2017-09-11 12:13:47 +01:00
Roberto Pino
f89f97d4ab [loc] update Dutch translation to latest 2017-09-09 00:17:50 +01:00
Pete Batard
c22b378f9a [misc] display image and disk size in the log
* Also fix 2 Coverity warnings
* Also remove unneeded LFs in drive.c
2017-09-08 15:38:30 +01:00
Pete Batard
4a213c3ba0 [core] allow the use of A: and B: as drive letters and fix in-use detection for Z:
* Closes #1016
* Also expand support for Arch Linux derivatives Syslinux config files
2017-09-06 14:00:31 +01:00
Pete Batard
9464ae94a4 [pki] more ASN.1 parser improvements 2017-09-05 22:21:34 +01:00
Pete Batard
94e4c0905b [pki] improve ASN.1 parser
* Enable search from OIDs expressed as strings and ignore non UNIVERSAL classes
2017-09-04 14:32:56 +01:00
Pete Batard
a73e695ba4 [pki] timestamp validation improvements
* Add timestamp processing for nested signature and check for anomalous differences
* Also prevent attack scenarios that may attempt to leverage multiple nested signatures or countersigners
* Simplify code by using CryptDecodeObjectEx/WinVerifyTrustEx and improve timestamp reporting
2017-09-03 13:54:07 +01:00
Pete Batard
c74d7bce1f [misc] update ChangeLog for BETA 2017-09-02 16:06:41 +01:00
Pete Batard
35da381a11 [pki] check timestamp chronology during update validation
* Done to address the second "vulnerability" proposed in #1009, independently
  of the protocol used.
2017-09-02 15:27:56 +01:00
Pete Batard
c3c39f7f8a [pki] fix https://www.kb.cert.org/vuls/id/403768
* This commit effectively fixes https://www.kb.cert.org/vuls/id/403768 (CVE-2017-13083) as
  it is described per its revision 11, which is the latest revision at the time of this commit,
  by disabling Windows prompts, enacted during signature validation, that allow the user to
  bypass the intended signature verification checks.
* It needs to be pointed out that the vulnerability ("allow(ing) the use of a self-signed
  certificate"), which relies on the end-user actively ignoring a Windows prompt that tells
  them that the update failed the signature validation whilst also advising against running it,
  is being fully addressed, even as the update protocol remains HTTP.
* It also need to be pointed out that the extended delay (48 hours) between the time the
  vulnerability was reported and the moment it is fixed in our codebase has to do with
  the fact that the reporter chose to deviate from standard security practices by not
  disclosing the details of the vulnerability with us, be it publicly or privately,
  before creating the cert.org report. The only advance notification we received was a
  generic note about the use of HTTP vs HTTPS, which, as have established, is not
  immediately relevant to addressing the reported vulnerability.
* Closes #1009
* Note: The other vulnerability scenario described towards the end of #1009, which
  doesn't have to do with the "lack of CA checking", will be addressed separately.
2017-08-31 12:19:11 +01:00
Pete Batard
fe3004d17f [misc] use UTF-8 compatible _unlinkU() when deleting files 2017-08-30 11:24:47 +01:00
Ino-Bagaric
bf09842fd2 [misc] remove duplicate definition
* Closes #1011
2017-08-29 11:57:01 +01:00
Pete Batard
36cadcfcca [pki] improve error handling
* FormatMessage() does not handle PKI errors
* Also fix an issue with non-official version detection when the language is not English
2017-08-27 15:07:35 +01:00
Pete Batard
868eea5069 [loc] fix Spanish translation 2017-08-26 11:32:40 +01:00
Pete Batard
8b094e840b [net] use http instead of https for downloads
* Since 2.17 will be the last version to support XP, and the native XP SSL
  implementation is too old to access our downloads though https.
2017-08-17 13:33:20 +01:00
Feras n
9de244c10e [loc] update Arabic translation to latest 2017-08-16 16:39:20 +01:00
Pete Batard
58a38145b7 [misc] finally, set .editorconfig to use UTF-8 *without* BOM
* The new VS2017 15.3 appears to have fixed this annoying bug at long last:
  https://developercommunity.visualstudio.com/content/problem/22922/editorconfig-support-interprets-charset-utf-8-as-u.html
2017-08-14 21:40:56 +01:00
Pete Batard
5348591729 [core] add support for more non-USB card readers
* Closes #998
2017-08-13 21:03:01 +01:00
Pete Batard
c82842ce2a [core] add Super Floppy Disk support 2017-08-12 15:12:00 +01:00
Pete Batard
65f5ccd28b [ui] fix log no longer automatically scrolling to the last line
* Introduced in 369a392af0 because, of course when Microsoft has a
  call that goes (###, param1, param2) they define a macro for it that goes (param2, param1)...
2017-08-11 11:47:27 +01:00
Pete Batard
3a150ddeda [core] add support for more non-USB card readers
* Closes #994
2017-08-11 11:43:37 +01:00
Pete Batard
90dc847e24 [misc] add static_strcat & static_strcpy and use static_ calls wherever possible
* Also set Rufus next to 2.17 and fix a warning
2017-08-10 19:43:52 +01:00
Pete Batard
5d371088cb [iso] add EFI boot support from 'efi.img' FAT images
* Required to support Debian Live 9.1 in ISO mode
* Note that this only works if the efi.img boot files do not require
  additional content besides the one extracted from the ISO.
2017-08-09 16:27:11 +01:00
Na Jiyoun
3d33493c6f [loc] update Korean translation to latest 2017-08-07 18:11:04 +01:00
Pete Batard
eb5087d504 [togo] fix a typo in index selection and add support for nonofficial ISOs
* Closes #991
2017-08-02 18:59:45 +01:00
Jeroen Sack
65fd9770cb [misc] fix typo in Changelog
* Closes #990
2017-07-31 12:31:26 +01:00
Pete Batard
925837e4d3 v2.16 (build 1170) 2017-07-31 10:55:41 +01:00
Zia Azimi
9740e94876 [loc] update Persian translation to latest 2017-07-29 17:40:10 +01:00
Pete Batard
d620d8848d [loc] fix RTL display of ISO truncation notification
* Also don't use MessageBoxU where unneeded
2017-07-29 17:34:11 +01:00
Nikolaos Margaritis
d7d6caebe1 [loc] update Greek translation to latest 2017-07-29 15:45:55 +01:00
Martin Kubánik
e68df21a16 [loc] update Slovak translation to latest 2017-07-29 15:42:32 +01:00
Krasimir Newenow
6db159be9e [loc] update Bulgarian translation to latest 2017-07-28 15:33:23 +01:00
Matej Horvat
0887368988 [loc] update Slovenian translation to latest 2017-07-28 13:10:51 +01:00
Arif Budiman
a96a615a66 [loc] update Indonesian translation to latest 2017-07-28 13:08:15 +01:00
Gintaras Venslovas
1baf1b7d1a [loc] update Lithuanian translation to latest 2017-07-26 11:48:56 +01:00
Pete Batard
bb00e220ac [ui] more info field fixes
* Prevent text selection and try to force a redraw, to ensure the text is centered on update
* Also update the libcdio 'AL' workaround
2017-07-26 11:47:02 +01:00
Pete Batard
0a3c04379b [misc] fix Coverity warnings 2017-07-25 12:19:50 +01:00
Ivan Strugar
3622b441ed [loc] update Serbian translation to latest 2017-07-25 00:19:35 +01:00
Tiago Rinaldi
32b8b5b232 [loc] update Portuguese (Brazilian) translation to latest
* Closes #981
2017-07-24 17:34:44 +01:00