![]() Note that you will still need to login to your Frigate+ account and verify the images to ensure all relevant objects are labeled before the image will be used during training. You can now submit false positive detections to Frigate+ for training feedback. For more information, see this discussion. If you would like to be invited for early access to purchase a subscription, please send an email to from the email address on your Frigate+ account. This only affects users that were directly reading from the /stats data via the API or MQTT.įrigate+ models are now rolling out by invitation. The cameras in /stats have been moved to their own cameras block.TensorRT now requires Nvidia Driver Version 530+.New models will need to be generated for 0.13 and have a new path, check the detector docs for more info. TensorRT has been updated and the model generation has been refactored.HomeAssistant Integration 5.0 beta is required for the new features introduced in this release.The previously deprecated record -> retain_days config has been removed, this should be migrated to record -> retain -> days if you have not already.The migration is handled for you, but you must make sure that the docker CLI or docker-compose binds the entire /config directory and not just the /config/config.yml file.įor example, if your current volume mapping is - /host/path/config_folder/config.yml:/config/config.yml it should now be - /host/path/config_folder/:/config/ The migration is handled automatically and no action is required from the user. This change is going to be done for existing users too, so frigate will automatically move the db for you. New location for frigate.db: Due to the support for network shares in HA OS and the popularity of storing recordings on a NAS in general, the database has a new default location of /config/frigate.db.NOTE: Some users have reported migrations taking a while and frigate frontend is not available until the migrations are complete. Changes have been made to the DB schema, downgrading to 0.12 will require restoring from a backup or deleting the DB and existing recordings / snapshots.Stationary object validation is now required, anyone who manually set interval: 0 will need to delete this field from the config or increase the value.If you have specific values set in your config, it is recommended to remove them and re-calibrate as necessary. Default values have been changed for motion detection and improve_contrast is now enabled by default.This means if you did not explicitly set the detect width / height AND your sub stream is not 1280x720, then your masks and zones will be configured incorrectly. If no detect resolution is defined then frigate will now run detect at the native camera resolution.Remove direct access to the go2rtc API to mitigate potential remote code execution via the exec source.I have enabled the private vulnerability disclosure features inside Github for the project as well as the automated CodeQL scanning features to identify future issues. If you haven't click any links to your Frigate server from unknown sources, there is no reason to believe that you have been compromised. Attacker finds a way to get an authenticated user to visit their specialized page and click the button/link.Attacker crafts a specialized page which links to the user's Frigate instance.Attacker knows the public address of a user's Frigate instance.Frigate publicly exposed to the internet (even with some authentication methods implemented). ![]() This vulnerability could exploited by an attacker under the following circumstances: Unsafe deserialization in load_config_with_no_duplicates of frigate/util/builtin.py (GHSL-2023-190)Įxploiting these vulnerabilities requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance.Reflected XSS through / API endpoints (GHSL-2023-195).Cross-site request forgery in config_save and config_set request handlers (GHSL-2023-198).The Github Security Lab team reached out to report the following security vulnerabilities. Beta docs for this release: Major Changes For 0.13.0 Security Advisories ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |