9.5.3

trasher released this 25 Nov 10:07

· 577 commits to 9.5/bugfixes since this release

This is a security release, upgrading is recommended

Note: those are medium security issues.

Non exhaustive list of changes:

[security] Insecure Direct Object Reference on ajax/comments.php and ajax/getDropdownValue.php (CVE-2020-27662 and CVE-2020-27663)
[security] Any CalDAV calendars is read-only for every authenticated user (CVE-2020-26212)
several dashboards issues
several fixes and enhancements with mail collector
new dashboard filters on tech users and tech groups
PHP8 compatibility
and more!

See changelog for details.

Assets 3