关键漏洞信息 Security Fixes 1. CVE-2014-2914 和 #1438 - Description: The web interface now uses an authentication token to protect requests and only responds to requests from the local machine with this token, preventing a remote code execution attack. 2. CVE-2014-2906 和 #1437 - Description: and are no longer vulnerable to attacks which allow local privilege escalation and data tampering. 3. CVE-2014-3856 - Description: and are no longer vulnerable to attacks which allow local privilege escalation and data tampering. 4. CVE-2014-2905 和 #1436 - Description: uses a secure path for its socket, preventing a local privilege escalation attack. 5. CVE-2014-3219 和 #1440 - Description: is no longer vulnerable to attacks which would allow local privilege escalation and data tampering.