This repository was archived by the owner on Oct 6, 2021. It is now read-only.
Version 1.1.3 - Fixes the Auto-Updater
·
534 commits
to master
since this release
v1.1.3
paragonie-security
P.I.E. Security Team
This tag was signed with the committer’s verified signature.
paragonie-security
P.I.E. Security Team
- Fixed
E_NOTICEs with the auto-updater. - Identified a bug in the backend server that wasn't publishing commit hashes
in CMS Airship core updates. Going forward, the commit hash should be
included in each release. - Only allow HTTP and HTTPS URLs in blog comments, in case someone provides
a JavaScript URI and someone else is careless enough to click it. HackerOne report. - Proactively mitigate stored XSS in other invocations of
__().