github saleor/saleor 3.17.19
on GitHub

latest releases: 3.19.54, 3.19.53, dataloader.test...
5 months ago

What's Changed

  • Fix promotionCreate mutation to allow creating rules with no channels specified. by @zedzior in #15249
  • Fix creating promotion rule without catalogue predicate by @SzymJ in #15276
  • GHA: publish container images using GITHUB_TOKEN by @NyanKiyoshi in #15294
  • deps: update pillow, cryptography, jinja2 to latest by @NyanKiyoshi in #15301
    CVE fixes:
    • (cryptography) CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.
    • (pillow) CVE-2023-50447: Arbitrary Code Execution in Pillow.
    • (pillow) No CVE: ImageFont.getmask: (2x) potential DoS.
    • (jinja2) CVE-2024-22195: vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter.
  • async webhooks: add extra data in failure logs by @NyanKiyoshi in #15312

Full Changelog: 3.17.18...3.17.19

Check out latest releases or
releases around saleor/saleor 3.17.19

Don't miss a new saleor release

NewReleases is sending notifications on new releases.

Get notifications