diff --git a/WHATSNEW b/WHATSNEW index a87bd817c..8834fadcc 100644 --- a/WHATSNEW +++ b/WHATSNEW @@ -9,10 +9,12 @@ Changes that could break older environments: destination directory anymore by default. A new attribute allowFilesToEscapeDest can be used to override the behavior. Another special case is when stripAbsolutePathSpec is false (which - still is the default) and the entry's name starts with a + no longer is the default) and the entry's name starts with a (back)slash and allowFilesToEscapeDest hasn't been specified explicitly, in this case the file may be created outside of the dest directory as well. + In addition stripAbsolutePathSpec is now true by default. + Based on a recommendation by the Snyk Security Research Team. Fixed bugs: ----------- diff --git a/manual/Tasks/unzip.html b/manual/Tasks/unzip.html index 95b3afdb9..dbf4a16c7 100644 --- a/manual/Tasks/unzip.html +++ b/manual/Tasks/unzip.html @@ -126,7 +126,8 @@ archive.
Note that this changes the entry's name before applying include/exclude patterns and before using the nested mappers (if any). since Ant 1.8.0 -