Skip to content

BookStack v21.10.2

Choose a tag to compare

View all tags
@ssddanbrown ssddanbrown released this 28 Oct 14:58
v21.10.2
This tag was signed with the committer’s verified signature.
ssddanbrown Dan Brown
GPG key ID: 46D9F943C24A2EF9
Verified
Learn about vigilant mode.
3cdab19
This commit was signed with the committer’s verified signature.
ssddanbrown Dan Brown
GPG key ID: 46D9F943C24A2EF9
Verified
Learn about vigilant mode.

Security Release

BookStack v21.10.2 has been released. This is a security release that builds upon changes in v21.10.1 which covers a vulnerability which would allow malicious users, who have permission to update or create pages, to upload content that could then be utilized for phishing or other general malicious intent.

If you allow untrusted users to edit page content you should update as soon as possible.

Full List of Changes

  • Made further fixes to address image upload vulnerability. Thanks again to @Haxatron (#3019)
  • Updated translations with latest changes from Crowdin. (#3014)

Contributors

Haxatron
Assets 2
Loading