mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-05-02 05:09:13 -04:00
Release v1.8.16
This commit is contained in:
Richard Hansen
parent
77bcb507b3
commit
142a47cbbc
3 changed files with 24 additions and 2 deletions
22
CHANGELOG.md
22
CHANGELOG.md
|
|
@ -1,3 +1,25 @@
|
|||
# 1.8.16
|
||||
|
||||
### Security fixes
|
||||
|
||||
If you cannot upgrade to v1.8.16 for some reason, you are encouraged to try
|
||||
cherry-picking the fixes to the version you are running:
|
||||
|
||||
```shell
|
||||
git cherry-pick b7065eb9a0ec..77bcb507b30e
|
||||
```
|
||||
|
||||
* Maliciously crafted `.etherpad` files can no longer overwrite arbitrary
|
||||
non-pad database records when imported.
|
||||
* Imported `.etherpad` files are now subject to numerous consistency checks
|
||||
before any records are written to the database. This should help avoid
|
||||
denial-of-service attacks via imports of malformed `.etherpad` files.
|
||||
|
||||
### Notable enhancements and fixes
|
||||
|
||||
* Fixed several `.etherpad` import bugs.
|
||||
* Improved support for large `.etherpad` imports.
|
||||
|
||||
# 1.8.15
|
||||
|
||||
### Security fixes
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue