Maintenance release 3.6.10
To do a 15-second install, use the following:
curl -O https://bolt.cm/distribution/archive/3.6/bolt-v3.6.9.tar.gz
tar -xzf bolt-v3.6.9.tar.gz --strip-components=1
php app/nut init
For detailed installation instructions and other ways to install, see the documentation: https://docs.bolt.cm/3.6/installation/installation
Released: 2019-08-15. Notable changes:
- Security: Prevent XSS in system log (for authenticated users) #7802
- Security: Prevent XSS in image alt/title (for authenticated users) #7801
- Security: Prevent XSS in "Create file" in file manager (for authenticated users) #7800
- Fixes: Prevent update of
guzzlehttp/psr7to 1.6, fixes tests #7798 - Fixed: Fix taxonomy name collision #7799
- Fixed: Rebuilding assets, fixing tags cloud #7794
Special thanks go out to @marcingajda for his contributions, and to @KotatuBot
for responsibly disclosing the XSS issues to us.