Security vulnerabilities in Home Assistant & custom integrations
-
I know that some folks in here are using Home Assistant, but they may not all be visiting the HA website regularly. So I thought I'd share this info here.
They have published two security disclosures recently, informing us about security vulnerabilities found in third party integrations (including HACS, commonly used to integrate Alexa and such), which allowed an attacker to access any file that is accessible by the Home Assistant process. Be sure to upgrade to Home Assistant Core 2021.1.5 or later and all custom integrations as soon as possible.
More details as well as (all?) affected custom integrations can be found in the Home Assistant blog.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login