Skip to content
This repository was archived by the owner on Oct 6, 2021. It is now read-only.

Version 1.4.0

Choose a tag to compare

View all tags
@paragonie-scott paragonie-scott released this 03 Nov 06:06
· 198 commits to master since this release
v1.4.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Verified
Learn about vigilant mode.
6d62335
  • Cryptographically associate account recovery tokens with the row ID
    of the user who requested the reset. This means that updating the
    userid column of an existing recovery token will not allow you to
    login as the arbitrary user.
  • #52,
    #137,
    #140:
    Allow users, groups, blog post categories, author profiles,
    and series to be deleted.
  • #72:
    You can now configure how emails are sent out. All of the options
    currently provided by Zend\Mail.
  • #128:
    All CMS Airship cookies send a Same-Site header (strictly). This
    adds another layer of resilience against CSRF attacks.
  • #147:
    Implemented a framework for importing data (i.e. password hashes)
    into a CMS Airship project. This will allow users to log in with
    their old password, when Airship only knows the old password hash.
  • #138,
    #141:
    In addition to being able to change the name of a blog category or
    author, you can also update the slug (and optionally create a
    redirect from the old slug to the new one).
  • #148:
    You can now override the footer text.
  • #149:
    Implemented a View History feature for Blog Posts.
  • #155:
    You can now create user accounts from the Bridge.
Assets 4
Loading