Skip to content

9.4.1 (9.4.1.1)
Compare
Choose a tag to compare
@trasher trasher released this 15 Mar 10:14
· 412 commits to 9.4/bugfixes since this release
9.4.1.1
801d25b

This is a security release, upgrading is hightly recommended

Download it

Non exhaustive list of changes:

  • [security] Bad chevrons rendering on dropdowns (#5468)
  • [security] Iframe and forms are rendered in rich text contents (#5519)
  • [security] Type juggling authentication bypass (#5520)
  • [security] Malicious images upload (#5580)
  • [security] Password token date was not reset (#5577)
  • [security] Prevent timed attack and enforce cookie security (#5562)
  • Search on dropdowns now displays fuzzy matches (#5149)
  • All components were deleted when permanently deleting a computer (#5459)
  • Unable to display network ports (#5460, #5461)
  • Preferences not applied (#5372)
  • Unable to use “forgotten password” feature (#5386)
  • And many more!

You may notice displayed and archive versions are 9.4.1.1; this is because we've decided to integrate two more fixes we found after release has been prepared!

See changelog and minor changelog for details.

Assets 3