Prepare version 9.2.5 for release

publify · Oct 11, 2021 · aa39c56 · aa39c56
1 parent ca278f8
commit aa39c56
Show file tree

Hide file tree

Showing 8 changed files with 45 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,23 @@
 
 See the changelogs for the individual engines for more details for releases 9.0 and up
 
+## 9.2.5 / 2021-10-11
+
+This release fixes several security issues:
+
+* Force session cookie to be secure in production
+* Block ability to switch themes using a GET request; use a POST instead
+* Disallow user self-registration rather than hiding it
+* Let the browser not cache admin pages
+* Limit the set of allowed mime types for uploaded media
+* Limit allowed HTML in articles, pages and notes
+
+Additionally, it includes the following changes:
+
+* Fix resource size display in admin resource list
+* Trigger download of media in the Media Library in admin instead of displaying
+  them directly
+
 ## 9.2.4 / 2021-10-02
 
 * Require at least version 1.12.5 of nokogiri to avoid a security issue

diff --git a/publify_amazon_sidebar/CHANGELOG.md b/publify_amazon_sidebar/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 9.2.5 / 2021-10-11
+
+* No changes
+
 ## 9.2.4 / 2021-10-02
 
 * Drop support for Ruby 2.4 since it is incompatible with nokogiri 1.12.5

diff --git a/publify_amazon_sidebar/lib/publify_amazon_sidebar/version.rb b/publify_amazon_sidebar/lib/publify_amazon_sidebar/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PublifyAmazonSidebar
-  VERSION = "9.2.4"
+  VERSION = "9.2.5"
 end
diff --git a/publify_amazon_sidebar/publify_amazon_sidebar.gemspec b/publify_amazon_sidebar/publify_amazon_sidebar.gemspec
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
 
   s.files = File.open("Manifest.txt").readlines.map(&:chomp)
 
-  s.add_dependency "publify_core", "~> 9.2.4"
+  s.add_dependency "publify_core", "~> 9.2.5"
 
   s.add_development_dependency "rspec-rails", "~> 4.0"
   s.add_development_dependency "simplecov", "~> 0.18.5"

diff --git a/publify_core/CHANGELOG.md b/publify_core/CHANGELOG.md
@@ -1,5 +1,21 @@
 # Changelog
 
+## 9.2.5 / 2021-10-11
+
+This release fixes several security issues:
+
+* Block ability to switch themes using a GET request; use a POST instead
+* Disallow user self-registration rather than hiding it
+* Let the browser not cache admin pages
+* Limit the set of allowed mime types for uploaded media
+* Limit allowed HTML in articles, pages and notes
+
+Additionally, it includes the following changes:
+
+* Fix resource size display in admin resource list
+* Trigger download of media in the Media Library in admin instead of displaying
+  them directly
+
 ## 9.2.4 / 2021-10-02
 
 * Explicitly require at least version 1.12.5 of nokogiri to avoid a security issue

diff --git a/publify_core/lib/publify_core/version.rb b/publify_core/lib/publify_core/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PublifyCore
-  VERSION = "9.2.4"
+  VERSION = "9.2.5"
 end
diff --git a/publify_textfilter_code/CHANGELOG.md b/publify_textfilter_code/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 9.2.5 / 2021-10-11
+
+* No changes
+
 ## 9.2.4 / 2021-10-02
 
 * Drop support for Ruby 2.4 since it is incompatible with nokogiri 1.12.5

diff --git a/publify_textfilter_code/lib/publify_textfilter_code/version.rb b/publify_textfilter_code/lib/publify_textfilter_code/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PublifyTextfilterCode
-  VERSION = "9.2.4"
+  VERSION = "9.2.5"
 end