X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=CHANGELOG.md;h=4b9bb9541a47a81d83bcb76e27d1591f97c72b0a;hb=cb9b87eb1ca015b0fdb03a223e2df190cb53cf05;hp=4b018cb48cfca3795cfbb83d057d5d8a264892da;hpb=9d7a02afcee3c740712a7c95182d332db0504b7e;p=github%2Fshaarli%2FShaarli.git

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4b018cb4..4b9bb954 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,52 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [v0.9.3](https://github.com/shaarli/Shaarli/releases/tag/v0.9.3) - 2018-01-04
+
+**XSS vulnerability fixed. Please update.**
+
+### Security
+- Fix an XSS (cross-site-scripting) vulnerability in `index.php`
+
+
+## [v0.9.2](https://github.com/shaarli/Shaarli/releases/tag/v0.9.2) - 2017-10-07
+
+**Major security issue fixed. Please update.**
+
+### Added
+- Tag search now supports wildcards `*`
+- New setting `privacy.force_login` which can be used with `privacy.hide_public_links` to redirect anonymous users to the login page.
+- New setting `general.default_note_title` used to override default `Note:` title prefix for notes.
+- Add a version hash for asset loading to prevent browser's cache issue
+
+### Changed
+- The "Remember me" checkbox is unchecked by default
+- The default value of the "Remember me" checkbox can be configured under `data/config.json.php`
+
+### Removed
+- Remove obsolete PHP magic quote support
+
+### Fixed
+- Generates a permalink URL if the URL is set to blank
+- Replace links to the old GitHub wiki with ReadTheDocs URIs
+- Use single quotes in the note bookmarklet
+- Daily page if there is no link
+- Bulk link deletion with a single link
+- HTTPS detection behind a reverse proxy
+- Travis tests environment and localization
+- Improve template paths robustness (trailing slash)
+- Robustness: safer gzinflate/zlib usage
+- Description links parsing with parenthesis (without Markdown)
+- Templates:
+    - Sort the tag cloud alphabetically
+    - Firefox social title
+    - Improved visited link color
+    - Fix jumpy textarea with long content in post edit
+
+### Security
+
+- Vulnerability introduced in v0.9.1 fixed.
+
 ## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23
 
 The documentation has been migrated to ReadTheDocs:
@@ -61,7 +107,7 @@ The documentation has been migrated to ReadTheDocs:
 This release introduces the REST API, and requires updating HTTP server
 configuration to enable URL rewriting, see:
 - https://shaarli.github.io/api-documentation/
-- https://github.com/shaarli/Shaarli/wiki/Server-configuration
+- https://shaarli.readthedocs.io/en/master/Server-configuration/
 
 **WARNING**: Shaarli now requires PHP 5.5+.