All Versions
49
Latest Version
Avg Release Cycle
44 days
Latest Release
-

Changelog History
Page 4

  • v2.1.11 Changes

    October 16, 2019

    ๐Ÿ”’ โš ๏ธ Security fixes

    • ๐Ÿ›  Fix more places where LaTeX input was not correctly sanitized.

    ๐Ÿš€ While the biggest security impact (reading local files) has already been mitigated when fixing the initial vulnerability in the previous release, it is still strongly recommended to update.

  • v2.1.10 Changes

    October 08, 2019

    ๐Ÿš€ Released on October 08, 2019

    ๐Ÿ”’ Security fixes ^

    • Strip @, +, - and = from the beginning of strings when exporting CSV files to avoid security issues <https://www.owasp.org/index.php/CSV_Injection>_ when opening the CSV file in Excel
    • ๐Ÿ‘‰ Use 027 instead of 000 umask when temporarily changing it to get the current umask
    • ๐Ÿ›  Fix LaTeX sanitization to prevent malicious users from running unsafe LaTeX commands through specially crafted abstracts or contribution descriptions, which could lead to the disclosure of local file contents
  • v2.1.9 Changes

    August 26, 2019

    ๐Ÿš€ Released on August 26, 2019

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ›  Fix bug in calendar view, due to timezones (:issue:3903)
    • โœ‚ Remove dependency on pyatom, which has vanished from PyPI (:issue:4045)
  • v2.1.8 Changes

    March 12, 2019

    ๐Ÿ‘Œ Improvements

    • โž• Add A6 to page size options (#3793)

    ๐Ÿ›  Bugfixes

    • ๐Ÿ›  Fix celery/redis dependency issue (#3809)
  • v2.1.7 Changes

    January 24, 2019

    ๐Ÿ‘Œ Improvements

    • โž• Add setting for the default contribution duration of an event (#3446)
    • โž• Add option to copy abstract attachments to contributions when accepting them (#3732)

    ๐Ÿ›  Bugfixes

    • Really fix the oauthlib conflict (was still breaking in some cases)
  • v2.1.6 Changes

    January 24, 2019

    ๐Ÿ›  Bugfixes

    • ๐Ÿ‘ Allow adding external users as speakers/chairpersons (#3562)
    • ๐Ÿ‘ Allow adding external users to event ACLs (#3562)
    • ๐Ÿ“Œ Pin requests-oauthlib version to avoid dependency conflict
  • v2.1.5 Changes

    December 07, 2018

    ๐Ÿ‘Œ Improvements

    • Render the reviewing state of papers in the same way as abstracts (#3665)

    ๐Ÿ›  Bugfixes

    • ๐Ÿ‘‰ Use correct speaker name when exporting contributions to spreadsheets
    • ๐Ÿ“ฆ Use friendly IDs in abstract attachment package folder names
    • ๐Ÿ›  Fix typo in material package subcontribution folder names
    • ๐Ÿ›  Fix check on whether registering for an event is possible
    • ๐Ÿ‘‰ Show static text while editing registrations (#3682)
  • v2.1.4 Changes

    September 25, 2018

    ๐Ÿ›  Bugfixes

    • Let managers download tickets for registrants even if all public ticket downloads are disabled (#3493)
    • ๐Ÿ–จ Do not count deleted registrations when printing tickets from the badge designer page
    • Hide "Save answers" in surveys while not logged in
    • ๐Ÿ›  Fix importing event archives containing registrations with attachments
    • ๐Ÿ›  Fix display issue in participants table after editing data (#3511)
    • ๐Ÿ›  Fix errors when booking rooms via API
  • v2.1.3 Changes

    August 09, 2018

    ๐Ÿ”’ Security fixes

    • โšก๏ธ Only return timetable entries for the current session when updating a session through the timetable (#3474, thanks @glunardi for reporting)
    • โฑ Prevent session managers/coordinators from modifying certain timetable entries or scheduling contributions not assigned to their session
    • ๐Ÿ‘€ Restrict access to timetable entry details to users who are authorized to see them

    ๐Ÿ‘Œ Improvements

    • ๐Ÿ‘Œ Improve survey result display (#3486)
    • ๐Ÿ‘Œ Improve email validation for registrations (#3471)

    ๐Ÿ›  Bugfixes

    • Point to correct day in "edit session timetable" link (#3419)
    • ๐Ÿ›  Fix error when exporting abstracts with review questions to JSON
    • Point the timetable to correct day in the session details
    • ๐Ÿ›  Fix massive performance issue on the material package page in big events
    • ๐Ÿ›  Fix error when using the checkin app to mark someone as checked in (#3473, thanks @femtobit)
    • ๐Ÿ›  Fix error when a session coordinator tries changing the color of a break using the color picker in the balloon's tooltip
  • v2.1.2 Changes

    ๐Ÿš€ Released on June 11, 2018

    ๐Ÿ‘Œ Improvements ^

    • ๐Ÿ‘‰ Show email address for non-anonymous survey submissions (:issue:3258)

    ๐Ÿ›  Bugfixes ^

    • ๐Ÿ‘‰ Show question description in survey results (:issue:3383)
    • ๐Ÿ‘ Allow paper managers to submit paper revisions
    • ๐Ÿ›  Fix error when not providing a URL for privacy policy or terms
    • ๐Ÿ‘‰ Use consistent order for privacy/terms links in the footer
    • ๐Ÿ›  Fix cloning of locked events