Security Release
This is a security release to address a brute-force based vulnerability related to multi-factor authentication, and to update project libraries to help avoid potential vulnerabilities that have been reported in those.
Upgrade is generally advised, but strongly so where multi-factor authentication is used & considered as a critical layer of defense.
Thanks to Stephen O. / Sakusen (Codeberg, Website) for responsibly reporting these issues.
Full List of Changes
- Updated PHP package versions.
- Updated MFA verification routes with rate limiting.