Update CHANGELOG.md

This commit is contained in:
Dane Everitt 2019-06-21 21:56:30 -07:00
parent 092e7e79ff
commit a5be993796
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53

View file

@ -6,9 +6,13 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
## v0.7.14 (Derelict Dermodactylus) ## v0.7.14 (Derelict Dermodactylus)
### Fixed ### Fixed
* **[SECURITY]** Fixes an XSS vulnerability when performing certain actions in the file manager. * **[SECURITY]** Fixes an XSS vulnerability when performing certain actions in the file manager.
* **[SECURITY]** Attempting to login as a user who has 2FA enabled will no longer request the 2FA token before validating
that their password is correct. This closes a user existence leak that would expose that an account exists if
it had 2FA enabled.
### Changed ### Changed
* Support for setting a node to listen on ports lower than 1024. * Support for setting a node to listen on ports lower than 1024.
* QR code URLs are now generated without the use of an external library to reduce the dependency tree.
* Regenerated database passwords now respect the same settings that were used when initially created. * Regenerated database passwords now respect the same settings that were used when initially created.
* Cleaned up 2FA QR code generation to use a more up-to-date library and API. * Cleaned up 2FA QR code generation to use a more up-to-date library and API.
* Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that * Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that