aboutsummaryrefslogtreecommitdiffhomepage
path: root/CHANGELOG.md
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md32
1 files changed, 23 insertions, 9 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 33feac20..b823ba70 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
4The format is based on [Keep a Changelog](http://keepachangelog.com/) 4The format is based on [Keep a Changelog](http://keepachangelog.com/)
5and this project adheres to [Semantic Versioning](http://semver.org/). 5and this project adheres to [Semantic Versioning](http://semver.org/).
6 6
7## [v0.9.3](https://github.com/shaarli/Shaarli/releases/tag/v0.9.3) - 2018-01-04
8**XSS vulnerability fixed. Please update.**
9
10## Security
11- Fix an XSS (cross-site-scripting) vulnerability in `index.php`
12
13
7## [v0.9.2](https://github.com/shaarli/Shaarli/releases/tag/v0.9.2) - 2017-10-07 14## [v0.9.2](https://github.com/shaarli/Shaarli/releases/tag/v0.9.2) - 2017-10-07
8 15
9**Major security issue fixed. Please update.** 16**Major security issue fixed. Please update.**
@@ -42,6 +49,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
42 49
43- Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)). 50- Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)).
44 51
52
45## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23 53## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23
46 54
47The documentation has been migrated to ReadTheDocs: 55The documentation has been migrated to ReadTheDocs:
@@ -115,7 +123,7 @@ Theming:
115 - Introduce a new theme 123 - Introduce a new theme
116 - Allow selecting themes/templates from the configuration page 124 - Allow selecting themes/templates from the configuration page
117 - New/Edit link form can be submitted using CTRL+Enter in the textarea 125 - New/Edit link form can be submitted using CTRL+Enter in the textarea
118 - Shaarli version is displayed in the footer when logged in 126 - Shaarli version is displayed in the footer when logged in
119- Add plugin placeholders to Atom/RSS feed templates 127- Add plugin placeholders to Atom/RSS feed templates
120- Add OpenSearch to feed templates 128- Add OpenSearch to feed templates
121- Add `campaign_` to the URL cleanup pattern list 129- Add `campaign_` to the URL cleanup pattern list
@@ -145,7 +153,7 @@ Theming:
145- Improved date time display depending on the locale 153- Improved date time display depending on the locale
146- Partial namespace support for Shaarli classes 154- Partial namespace support for Shaarli classes
147- Shaarli version is now only present in `shaarli_version.php` 155- Shaarli version is now only present in `shaarli_version.php`
148- Human readable maximum file size upload 156- Human readable maximum file size upload
149 157
150 158
151### Removed 159### Removed
@@ -171,6 +179,12 @@ Theming:
171- Markdown plugin: escape HTML entities by default 179- Markdown plugin: escape HTML entities by default
172 180
173 181
182## [v0.8.5](https://github.com/shaarli/Shaarli/releases/tag/v0.8.5) - 2018-01-04
183**XSS vulnerability fixed. Please update.**
184
185## Security
186- Fix an XSS (cross-site-scripting) vulnerability in `index.php`
187
174## [v0.8.4](https://github.com/shaarli/Shaarli/releases/tag/v0.8.4) - 2017-03-04 188## [v0.8.4](https://github.com/shaarli/Shaarli/releases/tag/v0.8.4) - 2017-03-04
175### Security 189### Security
176- Markdown plugin: escape HTML entities by default 190- Markdown plugin: escape HTML entities by default
@@ -186,7 +200,7 @@ Theming:
186 200
187## [v0.8.1](https://github.com/shaarli/Shaarli/releases/tag/v0.8.1) - 2016-12-12 201## [v0.8.1](https://github.com/shaarli/Shaarli/releases/tag/v0.8.1) - 2016-12-12
188 202
189> Note: this version will create an automatic backup of your database if anything goes wrong. 203> Note: this version will create an automatic backup of your database if anything goes wrong.
190 204
191### Added 205### Added
192- Add CHANGELOG.md to track the whole project's history 206- Add CHANGELOG.md to track the whole project's history
@@ -203,7 +217,7 @@ Theming:
203- Link ID complete refactoring: 217- Link ID complete refactoring:
204 - Links now have a numeric ID instead of dates 218 - Links now have a numeric ID instead of dates
205 - Short URLs are now created once and can't change over time (previous URL are kept) 219 - Short URLs are now created once and can't change over time (previous URL are kept)
206- Templates: 220- Templates:
207 - Changed placeholder behaviour for: `buttons_toolbar`, `fields_toolbar` and `action_plugin` 221 - Changed placeholder behaviour for: `buttons_toolbar`, `fields_toolbar` and `action_plugin`
208 - Cleanup `{loop}` declarations in templates 222 - Cleanup `{loop}` declarations in templates
209 - Tools: hide Firefox Social button when not in HTTPS 223 - Tools: hide Firefox Social button when not in HTTPS
@@ -221,7 +235,7 @@ Theming:
221- Plugins: 235- Plugins:
222 - Tools: only display parameter description when it exists 236 - Tools: only display parameter description when it exists
223 - archive.org: do not propose archival of private notes 237 - archive.org: do not propose archival of private notes
224 - Markdown: 238 - Markdown:
225 - render links properly in code blocks 239 - render links properly in code blocks
226 - bug regarding the `nomarkdown` tag 240 - bug regarding the `nomarkdown` tag
227 - W3C compliance 241 - W3C compliance
@@ -360,7 +374,7 @@ Please use our release archives, or follow the
360### Fixed 374### Fixed
361- Fix a bug where renaming a tag was causing a 404 375- Fix a bug where renaming a tag was causing a 404
362- Fix a bug allowing to search blank terms 376- Fix a bug allowing to search blank terms
363- Fix a bug preventing to remove a tag with special chars when searching 377- Fix a bug preventing to remove a tag with special chars when searching
364 378
365 379
366## [v0.6.2](https://github.com/shaarli/Shaarli/releases/tag/v0.6.2) - 2015-12-23 380## [v0.6.2](https://github.com/shaarli/Shaarli/releases/tag/v0.6.2) - 2015-12-23
@@ -666,7 +680,7 @@ Initial release on GitHub.
666- When you click the key to see only private links, it turns yellow 680- When you click the key to see only private links, it turns yellow
667 681
668### Changed 682### Changed
669- The "Daily" page now automatically skips empty days. 683- The "Daily" page now automatically skips empty days.
670 684
671### Fixed 685### Fixed
672- Corrected the tag encoding (there was a bug when selecting a second tag which contains accented characters) 686- Corrected the tag encoding (there was a bug when selecting a second tag which contains accented characters)
@@ -964,7 +978,7 @@ Initial release on GitHub.
964- Nicer timezone selection patch by killruana 978- Nicer timezone selection patch by killruana
965 979
966### Fixed 980### Fixed
967- New lines now appear correctly in the RSS feed descriptions. 981- New lines now appear correctly in the RSS feed descriptions.
968 982
969 983
970## [v0.0.17beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) 984## [v0.0.17beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history)
@@ -1018,7 +1032,7 @@ Initial release on GitHub.
1018## [v0.0.14beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) 1032## [v0.0.14beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history)
1019### Added 1033### Added
1020- You no longer need to disable `magic_quotes` on your host. 1034- You no longer need to disable `magic_quotes` on your host.
1021 Shaarli will cope with this option beeing activated. 1035 Shaarli will cope with this option beeing activated.
1022 1036
1023 1037
1024## [v0.0.13beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history) 1038## [v0.0.13beta](http://sebsauvage.net/wiki/doku.php?id=php:shaarli:history)