This release is just backporting important security fixes from v2.2.3 in case you are still on v2.1 and cannot upgrade to v2.2.3 quickly.
⚠️ Security fixes
- Strip
@
,+
,-
and=
from the beginning of strings when exporting CSV files to avoid security issues when opening the CSV file in Excel - Use 027 instead of 000 umask when temporarily changing it to get the current umask
- Fix LaTeX sanitization to prevent malicious users from running unsafe LaTeX commands through specially crafted abstracts or contribution descriptions, which could lead to the disclosure of local file contents