Fixed packet exploit
* Fixed packet exploit affecting destinations (only effecting versions 0.5.0 to 0.5.5).
To download from git look in Assets bellow the description of the version, it should be called Advanced-Portals-0.5.6-snapshot.jar. I have swapped it to here for this update as this is an issue that needs a more immediate download speed than waiting for CurseForge to finally catch up.
I was only notified about this earlier today. Luckily only destinations were effected, so people were only able to teleport users to set destinations forcefully. The fixes will disable advanced features for anyone who doesn't have bungee setup correctly to protect the users not using bungee especially.
Who is effected? Anyone using 0.5.0 to 0.5.5. Upgrading should fix it all.
It seems that this specific issue is quite widespread so you may want to check any plugins that use bungee packets to trigger features. Thanks to nyxoh for pointing this issue out.
This effects servers both using and not using bungee so everyone should update to avoid this issue. It seems these checks are not carried out on quite a few plugins so be cautious if you have any plugins that communicate with bungee in some way (though I am unsure if bungee will capture it, you may be just at risk if you don't use bungee).
In the future to avoid possibly worse issues than this, more testing will be going on, especially surrounding features that use packets. I feel its better to be open and clear about this rather than quietly sweep it under the rug.
To download from git look in Assets bellow the description of the version, it should be called Advanced-Portals-0.5.6-snapshot.jar. I have swapped it to here for this update as this is an issue that needs a more immediate download speed than waiting for CurseForge to finally catch up.
I was only notified about this earlier today. Luckily only destinations were effected, so people were only able to teleport users to set destinations forcefully. The fixes will disable advanced features for anyone who doesn't have bungee setup correctly to protect the users not using bungee especially.
Who is effected? Anyone using 0.5.0 to 0.5.5. Upgrading should fix it all.
It seems that this specific issue is quite widespread so you may want to check any plugins that use bungee packets to trigger features. Thanks to nyxoh for pointing this issue out.
This effects servers both using and not using bungee so everyone should update to avoid this issue. It seems these checks are not carried out on quite a few plugins so be cautious if you have any plugins that communicate with bungee in some way (though I am unsure if bungee will capture it, you may be just at risk if you don't use bungee).
In the future to avoid possibly worse issues than this, more testing will be going on, especially surrounding features that use packets. I feel its better to be open and clear about this rather than quietly sweep it under the rug.
Resource Information
Author:
----------
Total Downloads:
142,947
First Release:
Nov 8, 2015
Last Update:
Jan 25, 2025
Category:
---------------
All-Time Rating:
151 ratings
Version
-----
Released:
--------------------
Downloads:
------
Version Rating:
----------------------
-- ratings