Release 2.39
Release Version 2.39
Release date: 22 Feb 2023.
Distribution
Source snapshots are attached to this announcement and the git tag filesender-2.39 contains the base that these snapshots were created from.
Installation
Documentation is available at https://docs.filesender.org/filesender/v2.0/install/
Major changes since 2.38
The database update script DOES NOT need to be run.
The templates directory HAS changed.
This release includes security updates, primarily:
sanity: check that the aead data is in the epected format. This relates to 4.1.2. of Computest Jan. 2, 2023 Version 1.0. #1383
set HSTS in the apache template config. This relates to 4.1.8. of Computest Jan. 2, 2023 Version 1.0. #1385
update javascript deps #1376
move this to POST. This is 4.1.7 of Computest Jan. 2, 2023 Version 1.0. #1378
Remaining changes:
build(deps): bump nokogiri from 1.13.6 to 1.13.9 in /docs #1331
Ensure identity is a string #1328
Correct undefined php index #1327
Document auth_remote_user_enabled #1322
build(deps): bump nokogiri from 1.13.9 to 1.14.0 in /docs #1346
psql: handle numeric type better #1347
db: add a config sanity check in database.php #1348
if there was an error getting some author info do not except #1349
docs: remove some outdated information #1350
cron: only delete a guest when all their transfers are no longer available, allow force delete #1352
security: allow remote user and app to not have to perform CSRF #1353
New Option: log downloads from authenticated users as recipients #1354
build(deps): bump activesupport from 6.0.4 to 6.0.6.1 in /docs #1355
crypto-ui: when a password has worked offer it for other files on the same download page #1356
i18n: auto import from poedtor on 2023-02-02-1675282665 #1357
rest python: ability to make new guest from command line #1358
run cron job as apache/www user #1359
docs: update step 8 to hint which config keys a user might need to update. #1360
docs: debiain install allow installation of latest default php versions #1361
docs: mention master and master3 in the git install section #1362
docs: update simplesamlphp section a little bit. #1363
i18n add Sinhalese to automatic import from poeditor script #1364
i18n add lang dir #1365
i18n: auto import from poedtor on 2023-02-07-1675763101 #1366
i18n: auto import from poedtor on 2023-02-07-1675763886 #1367
i18n add Urdu to automatic import from poeditor script #1368
i18n: auto import from poedtor on 2023-02-07-1675767614 #1369
i18n add Chinese (Simplified and Traditional) to automatic import from poeditor script #1370
i18n: auto import from poedtor on 2023-02-07-1675769507 #1371
i18n add Khmer to automatic import from poeditor script #1372
i18n do not overwrite other lang and use expected poeditor code #1373
i18n: auto import from poedtor on 2023-02-08-1675808675 #1374
Language default and fallback fixes #1377
i18n: improve langauge names for selector drop down #1379
Update for a log entry in language fallback mode and cleaner language selector. #1380
lang: do not log null if fallbackid is not set #1384
i18n: bring in new terms from password reuse PR #1386
i18n: three of the new terms cited in issue 1235 #1387
Allow overrides based on attributes #1389 https://github.com/filesender/filesender /pull/1390 #1391
convert these to unix line endings too #1388 #1392
Configuration changes
log_authenticated_user_download_by_ensure_user_as_recipient
Log the saml Identifiant for downloads performed by authenticated users.
Could have privacy implications if enabled. Default disabled.
auth_config_regex_files
With the auth_config_regex_files directive you specify an array of attributes + regex and resulting filename to load additional configuration settings if the regex matches for the attribute value.
Support and Feedback
Please lodge new github issues for things that might improve the next release!
See Support and Mailinglists and Feature requests.