From d9cc0ffa23fcec7d997a26e0e1b10bca44725be8 Mon Sep 17 00:00:00 2001
From: Book Pauk <bookpauk@gmail.com>
Date: Mon, 17 Oct 2022 23:16:27 +0700
Subject: [PATCH 1/2] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=20=D0=B1=D0=B0=D0=B3=20"Malicious=20entry"=20-=20?=
 =?UTF-8?q?=D1=80=D1=83=D0=B3=D0=B0=D0=BB=D1=81=D1=8F=20=D0=BD=D0=B0=20?=
 =?UTF-8?q?=D0=BD=D0=B5=D0=B2=D0=B0=D0=BB=D0=B8=D0=B4=D0=BD=D1=8B=D0=B5=20?=
 =?UTF-8?q?=D0=B8=D0=BC=D0=B5=D0=BD=D0=B0=20=D1=84=D0=B0=D0=B9=D0=BB=D0=BE?=
 =?UTF-8?q?=D0=B2=20=D0=BF=D1=80=D0=B8=20=D0=B8=D0=B7=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D1=87=D0=B5=D0=BD=D0=B8=D0=B8=20=D0=B8=D0=B7=20zip-=D0=B0?=
 =?UTF-8?q?=D1=80=D1=85=D0=B8=D0=B2=D0=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/core/ZipReader.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/core/ZipReader.js b/server/core/ZipReader.js
index 698baa4..83e3532 100644
--- a/server/core/ZipReader.js
+++ b/server/core/ZipReader.js
@@ -14,7 +14,7 @@ class ZipReader {
         if (this.zip)
             throw new Error('Zip file is already open');
 
-         const zip = new StreamZip.async({file: zipFile});
+         const zip = new StreamZip.async({file: zipFile, skipEntryNameValidation: true});
          
         if (zipEntries)
             this.zipEntries = await zip.entries();

From 97ca49571cb3f719c91c928d419a072e5f90e446 Mon Sep 17 00:00:00 2001
From: Book Pauk <bookpauk@gmail.com>
Date: Mon, 17 Oct 2022 23:32:36 +0700
Subject: [PATCH 2/2] 1.0.6

---
 package-lock.json | 4 ++--
 package.json      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 5eb2a97..fd08b94 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "inpx-web",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "inpx-web",
-      "version": "1.0.5",
+      "version": "1.0.6",
       "hasInstallScript": true,
       "license": "CC0-1.0",
       "dependencies": {
diff --git a/package.json b/package.json
index 600a28e..56f02aa 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "inpx-web",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "author": "Book Pauk <bookpauk@gmail.com>",
   "license": "CC0-1.0",
   "repository": "bookpauk/inpx-web",