v0.7.14 (Derelict Dermodactylus)
Fixed
- [SECURITY] Fixes an XSS vulnerability when performing certain actions in the file manager.
GHSA-3q45-4vhr-c7g7
- [SECURITY] Attempting to login as a user who has 2FA enabled will no longer request the 2FA token before validating that their password is correct. This closes a user existence leak that would expose that an account exists if it had 2FA enabled.
GHSA-vcm9-hx3q-qwj8
Changed
- Support for setting a node to listen on ports lower than 1024.
- QR code URLs are now generated without the use of an external library to reduce the dependency tree.
- Regenerated database passwords now respect the same settings that were used when initially created.
- Cleaned up 2FA QR code generation to use a more up-to-date library and API.
- Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that
are due to a change of one unit.
SHA256 Checksum
9d1402d121ff578629e6bc1e2067a98d7ad6f6323426e2a41a88efb453db4f1d panel.tar.gz