Update CHANGELOG.md
This commit is contained in:
Dane Everitt
parent
092e7e79ff
commit
a5be993796
1 changed files with 4 additions and 0 deletions
|
|
@ -6,9 +6,13 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
|
|||
## v0.7.14 (Derelict Dermodactylus)
|
||||
### Fixed
|
||||
* **[SECURITY]** Fixes an XSS vulnerability when performing certain actions in the file manager.
|
||||
* **[SECURITY]** Attempting to login as a user who has 2FA enabled will no longer request the 2FA token before validating
|
||||
that their password is correct. This closes a user existence leak that would expose that an account exists if
|
||||
it had 2FA enabled.
|
||||
|
||||
### Changed
|
||||
* Support for setting a node to listen on ports lower than 1024.
|
||||
* QR code URLs are now generated without the use of an external library to reduce the dependency tree.
|
||||
* Regenerated database passwords now respect the same settings that were used when initially created.
|
||||
* Cleaned up 2FA QR code generation to use a more up-to-date library and API.
|
||||
* Console charts now properly start at 0 and scale based on server configuration. No more crazy spikes that
|
||||
|
|
|
|||
Loading…
Reference in a new issue