3.4
版本发布时间: 2021-04-15 03:10:34
zulip/zulip最新发布版本:9.2(2024-09-13 05:09:15)
- CVE-2021-30487: Prevent administrators from moving topics to disallowed streams.
- CVE-2021-30479: Prevent guest user access to
all_public_streamsAPI. - CVE-2021-30478: Prevent API super users from forging messages to other organizations.
- CVE-2021-30477: Prevent outgoing webhook bots from sending arbitrary messages to any stream.
- Fixed a potential HTML injection bug in outgoing emails.
- Fixed Postfix configuration error which would prevent outgoing email
to any email address containing
.,+, or starting withmm, when configured to use the local Postfix to deliver outgoing email. - Fixed a backporting error which caused the
manage.py change_user_roletool to not work foradmin,member, orguestroles. - Add support for logout events sent from modern versions of the desktop application.
- Upgraded minor python dependencies.
- Minor documentation fixes.
1、 zulip-server-3.4.tar.gz 73.94MB