Security Patch: In previous versions full-read SSRF attacks are possible using the "from url" feature, please update promptly. Thanks for responsibly reporting @tonghuaroot!
Changes
- security: add SSRF prevention to url based downloads Co-authored-by: tonghuaroot tonghuaroot@gmail.com (be1698c)
- feat: add PDF to DOCX conversion support (#170) (dbbc69e)
- feat: add support for custom OIDC username claims (#164) (dd12da9)
- feat: add Chinese (zh-CN) language support with translations (AI assisted) (f3e8f9d)
- feat: add SHA256 verification for downloaded artifacts in Dockerfile (bdd9b50)
- feat: add customizable datetime display format (#167) (609224b)
- feat: display datetime in the browser's locale (#167) (89056fa)
- chore: update Calibre and Draw.io versions in Dockerfile (fixes #165 and fixes #166) (3c81aee)
- fix: update Dockerfile Calibre download URL to official site (dd10d2a)
- fix: Update fr.json (9e52a53 & 68c6505)
Version Information
- Full version:
v1.3.0 - Minor version tag:
v1.3 - Major version tag:
v1
Updated Tags
v1.3→v1.3.0(created)v1→v1.3.0(updated)