Releases: linuxserver/docker-bookstack
v22.03-ls8
LinuxServer Changes:
Add symlinks for theme support.
bookstack Changes:
Links
Upgrade Notices
- Webhook Data Changes - Properties found at the
related_item -> created_by/updated_by/owned_bypath of the webhook data will now be an object instead of an ID integer. If you were using these ids you'd now need to access them within the relevant objects. (For examplerelated_item.created_by.id).
Full List of Changes
- Added support for checkbox tasklists in the WYSIWYG editor. (#3333, #4)
- Added WYSIWYG control to remove & edit links. (#3276, #3298)
- Added WYSIWYG
Ctrl+Shift+Kshortcut to show entity selector popup shortcut in WYSIWYG editor. (#3244, #3298) - Added LDAP user group debugging option. (#3345)
- Added support for the Basque language. (#3296)
- Updated settings view with a re-organized layout for a less confusing user experience. (#3349, #3221)
- Updated code block rendering in WYSIWYG to help prevent scroll jumping upon undo/redo. (#3326)
- Updated translations with latest Crowdin updates. (#3320)
- Updated webhook data to include details of page/chapter/shelf/book creator/updater/owner. (#3279)
- Updated webhook data to include revision details on page_update and page_create events. (#3218)
- Fixed lack of translation support for some editor buttons. (#3342)
- Fixed incorrect page concatenation in book markdown export. (#3341)
- Fixed usage of
<br>tags within code blocks instead of newlines when using the WYSIWYG editor. (#3327) - Fixed image thumbnail generation not taking EXIF rotation data into account. (#1854)
v22.02.3-ls8
LinuxServer Changes:
Add symlinks for theme support.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.3-ls7
LinuxServer Changes:
Add symlinks for theme support.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.3-ls6
LinuxServer Changes:
Add symlinks for theme support.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.3-ls5
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.3-ls4
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.3-ls3
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
This is a security release that adds better protections against embedded content that could be used in malicious ways. This effectively restricts embedded iframe content in an allow-list approach.
A new ALLOWED_IFRAME_SOURCES option has been added to provide configuration of allowed embed/iframe sources within BookStack pages, and this defaults to a couple of popular services such as YouTube and Vimeo.
Please see this link for more detail regarding this option:
- https://www.bookstackapp.com/docs/admin/security/#iframe-src-control
- ("Iframe Source Control" section)
It's advised to upgrade as soon as possible if untrusted users can create or update pages within your BookStack instance.
Thanks to @416e6e61 (Anna) for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v22.02.2-ls3
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
v22.02.2-ls2
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
v22.02.1-ls2
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes: