v0.7.14 (Derelict Dermodactylus)
·
2598 commits
to develop
since this release
v0.7.14
DaneEveritt
Dane Everitt
This tag was signed with the committer’s verified signature.
DaneEveritt
Dane Everitt
c38f78d
This commit was signed with the committer’s verified signature.
DaneEveritt
Dane Everitt
Fixed
- [SECURITY] Fixes an XSS vulnerability when performing certain actions in the file manager.
GHSA-3q45-4vhr-c7g7 - [SECURITY] Attempting to login as a user who has 2FA enabled will no longer request the 2FA token before validating that their password is correct. This closes a user existence leak that would expose that an account exists if it had 2FA enabled.
GHSA-vcm9-hx3q-qwj8
Changed
- Support for setting a node to listen on ports lower than 1024.
- QR code URLs are now generated without the use of an external library to reduce the dependency tree.
- Regenerated database passwords now respect the same settings that were used when initially created.
- Cleaned up 2FA QR code generation to use a more up-to-date library and API.
- Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that
are due to a change of one unit.
SHA256 Checksum
9d1402d121ff578629e6bc1e2067a98d7ad6f6323426e2a41a88efb453db4f1d panel.tar.gz