From 3b20fd7830294c6268efe511f00eb5a59da1b5b6 Mon Sep 17 00:00:00 2001
From: Sebastian Hildebrandt <hildebrandt@plus-innovations.com>
Date: Sat, 20 Feb 2021 14:06:21 +0100
Subject: [PATCH] sanitizeShellString() optimized strict sanitation

---
 CHANGELOG.md          |  1 +
 docs/history.html     |  5 +++++
 docs/index.html       |  4 ++--
 docs/issues.html      |  5 +++++
 docs/security.html    |  2 +-
 docs/v4/issues.html   |  5 +++++
 docs/v4/security.html |  2 +-
 lib/poc.js            | 22 ----------------------
 8 files changed, 20 insertions(+), 26 deletions(-)
 delete mode 100644 lib/poc.js

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 06e1c09..16fb471 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -72,6 +72,7 @@ For major (breaking) changes - **version 4, 3 and 2** - see end of page.
 
 | Version        | Date           | Comment  |
 | -------------- | -------------- | -------- |
+| 5.3.4          | 2020-02-20     | `sanitizeShellString()` optimized strict sanitation |
 | 5.3.3          | 2020-02-15     | `dockerContainerStats()` fixed ID splitting |
 | 5.3.2          | 2020-02-15     | `inetLatency()` `ineChecksite()` fixed possible security issue (file://) |
 | 5.3.1          | 2020-02-14     | `inetLatency()` `ineChecksite()` `servcices()` `processes()` fixed possible security issue (arrays) |
diff --git a/docs/history.html b/docs/history.html
index 84aafea..dcefb17 100644
--- a/docs/history.html
+++ b/docs/history.html
@@ -56,6 +56,11 @@
                   </tr>
                 </thead>
                 <tbody>
+                  <tr>
+                    <th scope="row">5.3.4</th>
+                    <td>2020-02-20</td>
+                    <td><span class="code">sanitizeShellString()</span> optimized strict sanitation</td>
+                  </tr>
                   <tr>
                     <th scope="row">5.3.3</th>
                     <td>2020-02-15</td>
diff --git a/docs/index.html b/docs/index.html
index 5471d4f..45391f6 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -170,7 +170,7 @@
       <img class="logo" src="assets/logo.png">
       <div class="title">systeminformation</div>
       <div class="subtitle"><span id="typed"></span>&nbsp;</div>
-      <div class="version">New Version: <span id="version">5.3.3</span></div>
+      <div class="version">New Version: <span id="version">5.3.4</span></div>
       <button class="btn btn-light" onclick="location.href='https://github.com/sebhildebrandt/systeminformation'">View on Github <i class=" fab fa-github"></i></button>
     </div>
     <div class="down">
@@ -209,7 +209,7 @@
         <div class="title">Downloads last month</div>
       </div>
       <div class="col-xl-4 col-lg-4 col-md-4 col-12">
-        <div class="numbers">387</div>
+        <div class="numbers">389</div>
         <div class="title">Dependents</div>
       </div>
     </div>
diff --git a/docs/issues.html b/docs/issues.html
index 107206c..81eea92 100644
--- a/docs/issues.html
+++ b/docs/issues.html
@@ -65,6 +65,11 @@
               <p>In some cases you need to install the linux <span class="code">sensors</span> package to be able to measure temperature e.g. on DEBIAN based systems by running</p>
               <pre>$ sudo apt-get install lm-sensors</pre>
 
+              <h4>Windows, macOS - CPU Speed</h4>
+
+              <p><span class="code">node.js</span> and <span class="code">wmic</span> are not able to determine correct CPU current speed on windows and macOS.
+                This means, you will have constant values here on both platforms for all processor cores in <span class="code">cpuCurrentSpeed()</span>.</p>
+
               <h4>Linux S.M.A.R.T. Status</h4>
 
               <p>To be able to detect S.M.A.R.T. status on Linux you need to install <span class="code">smartmontools</span>. On DEBIAN based linux distributions you can install it by running:</p>
diff --git a/docs/security.html b/docs/security.html
index 0f23f85..16637dc 100644
--- a/docs/security.html
+++ b/docs/security.html
@@ -64,7 +64,7 @@
               <p><span class="bold">Affected versions:</span>
                 &lt; 5.3.1 and &lt; 4.34.11<br>
                 <span class="bold">Date:</span> 2021-02-14<br>
-                <span class="bold">CVE indentifier</span> -
+                <span class="bold">CVE indentifier</span> CVE-2021-21315
               </p>
 
               <h4>Impact</h4>
diff --git a/docs/v4/issues.html b/docs/v4/issues.html
index 743822f..eee05d0 100644
--- a/docs/v4/issues.html
+++ b/docs/v4/issues.html
@@ -64,6 +64,11 @@
               <p>In some cases you need to install the linux <span class="code">sensors</span> package to be able to measure temperature e.g. on DEBIAN based systems by running</p>
               <pre>$ sudo apt-get install lm-sensors</pre>
 
+              <h4>Windows, macOS - CPU Speed</h4>
+
+              <p><span class="code">node.js</span> and <span class="code">wmic</span> are not able to determine correct CPU current speed on windows and macOS.
+                This means, you will have constant values here on both platforms for all processor cores in <span class="code">cpuCurrentSpeed()</span>.</p>
+
               <h4>Linux S.M.A.R.T. Status</h4>
 
               <p>To be able to detect S.M.A.R.T. status on Linux you need to install <span class="code">smartmontools</span>. On DEBIAN based linux distributions you can install it by running:</p>
diff --git a/docs/v4/security.html b/docs/v4/security.html
index 78d966d..6a41d03 100644
--- a/docs/v4/security.html
+++ b/docs/v4/security.html
@@ -63,7 +63,7 @@
               <p><span class="bold">Affected versions:</span>
                 &lt; 4.34.11<br>
                 <span class="bold">Date:</span> 2021-02-14<br>
-                <span class="bold">CVE indentifier</span> -
+                <span class="bold">CVE indentifier</span> CVE-2021-21315
               </p>
 
               <h4>Impact</h4>
diff --git a/lib/poc.js b/lib/poc.js
deleted file mode 100644
index 98e883d..0000000
--- a/lib/poc.js
+++ /dev/null
@@ -1,22 +0,0 @@
-let si = require('./internet');
-si.inetChecksite([]).then((a) => {
-  if (a.ok == false)
-    console.log("inetChecksite is fixed!")
-  else
-    console.log("inetChecksite is not fixed!")
-});
-
-
-si.inetLatency([]).then((a) => {
-  if (a == null)
-    console.log("inetLatency is fixed!")
-  else
-    console.log("inetLatency is not fixed!")
-});
-si = require('./processes');
-si.services([]).then((a) => {
-  if (typeof a == typeof [])
-    console.log("services is fixed!")
-  else
-    console.log("services is not fixed!")
-});