Skip to content

Zulip Server 1.3.12

Choose a tag to compare

@timabbott timabbott released this 01 Feb 17:41
  • CVE-2016-4426: Bot API keys were accessible to other users in the same realm.
  • CVE-2016-4427: Deactivated users could access messages if SSO was enabled.
  • Fixed a RabbitMQ configuration bug that resulted in reordered messages.
  • Added expansive test suite for authentication backends and decorators.
  • Added an option to logout_all_users to delete only sessions for deactivated users.