Skip to content

Maintenance release 3.6.10

Compare
Choose a tag to compare
@bobdenotter bobdenotter released this 15 Aug 15:17
· 28 commits to 3.6 since this release
023e8f5

To do a 15-second install, use the following:

curl -O https://bolt.cm/distribution/archive/3.6/bolt-v3.6.9.tar.gz
tar -xzf bolt-v3.6.9.tar.gz --strip-components=1
php app/nut init

For detailed installation instructions and other ways to install, see the documentation: https://docs.bolt.cm/3.6/installation/installation

Released: 2019-08-15. Notable changes:

  • Security: Prevent XSS in system log (for authenticated users) #7802
  • Security: Prevent XSS in image alt/title (for authenticated users) #7801
  • Security: Prevent XSS in "Create file" in file manager (for authenticated users) #7800
  • Fixes: Prevent update of guzzlehttp/psr7 to 1.6, fixes tests #7798
  • Fixed: Fix taxonomy name collision #7799
  • Fixed: Rebuilding assets, fixing tags cloud #7794

Special thanks go out to @marcingajda for his contributions, and to @KotatuBot
for responsibly disclosing the XSS issues to us.