Bug Fixes
- OIDC session cookie: use a cryptographically secure opaque random string, as we already do in all other security-sensitive code in SFTPGo. CVE-2024-52801. Thanks to @denisvr72 for reporting.
- EventManager: fix connection leak when performing file operations on a third-party SFTP server, for example, to copy a file to another SFTP server after an upload.
CI
- Switch to Azure Trusted Signing to sign Windows binaries.