OnionShare is a secure and anonymous way to share files
OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor Onion Service, and generating an unguessable URL to access and download the files.
It does not require setting up a separate server or using a third party file-sharing service. You host the files on your own computer and use a Tor Onion Service to make it temporarily accessible over the internet. The receiving user just needs to open the URL in Tor Browser to download the file.
- Developed at devel:languages:python
- Sources inherited from project openSUSE:Factory
-
3
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:zSystems/python-onionshare && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
0001-adjust_tests.diff | 0000000486 486 Bytes | |
fix-test-cli-web.patch | 0000000592 592 Bytes | |
onionshare-2.5.tar.gz | 0006585296 6.28 MB | |
python-onionshare.changes | 0000009656 9.43 KB | |
python-onionshare.spec | 0000004992 4.88 KB | |
relax-async-mode.patch | 0000000770 770 Bytes |
Revision 11 (latest revision is 20)
Dominique Leuenberger (dimstar_suse)
accepted
request 967749
from
Axel Braun (DocB)
(revision 11)
- Additional changes: * drop python-stem in favor of python-cepa * relax-async-mode.patch added * fix-test-cli-web.patch added * fix for boo#1194866 - Update to version 2.5.0 * CVE-2022-21696: It was possible to change the username to that of another chat participant with an additional space character at the end of the name string. * CVE-2022-21695: Authenticated users (or unauthenticated in public mode) could send messages without being visible in the list of chat participants * CVE-2022-21694: * CVE-2022-21693: An adversary with a primitive that allows for filesystem access from the context of the Onionshare process could access sensitive files in the entire user home folder. * CVE-2022-21692: anyone with access to the chat environment could write messages disguised as another chat participant * CVE-2022-21691: chat participants could spoof their channel leave message, tricking others into assuming they left the chatroom. * CVE-2022-21690: The path parameter of the requested URL was not sanitized before being passed to the QT frontend. This path is used in all components for displaying the server access history. * CVE-2022-21688, CVE-2022-21689: Use microseconds in Receive mode directory creation to avoid potential DoS * Major feature: * Obtain bridges from Moat / BridgeDB * Snowflake bridge support * New feature: * Tor connection settings, as well as general settings, are now Tabs rather than dialogs * User can customize the Content-Security-Policy header in Website mode * Built-in bridges are automatically updated from Tor's API when the user has chosen to use them * Switch to using stem fork called cepa * Various bug fixes - Drop desktop file, upstream already provides one - Install metainfo file - Adjust requirements - Added relax-async-mode.patch
Comments 0