Releases: linuxserver/docker-bookstack
v0.26.2-ls44
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
This release contains the following fixes and changes:
- Updated Russian translations. Thanks to @kostefun. (#1446, #1445, #1444, #1443)
- Updated Dutch translations. Thanks to @NootoNooto. (#1437)
- Updated page navigation to exclude empty heading items. (#1429)
- Updated custom-homepage views to display more consistently. (#1423)
- Updated image uploads to resize at double the previous resolution. (#1108)
- Fixed issue where chapter description would not show on book export. (#1465)
- Fixed page navigation to work on when used on mobile screen sizes. (#1454)
- Fixed issue casing a redirect to the 404 page upon login. (#1452)
- Fixed missing search bar on mobile search page. (#1450)
- Fixed issue where a page could be deleted when previously set as the homepage option. (#1447)
- Fixed issue causing horizontal scrollbar to show on some mobile views. (#1441)
- Fixed text shown on 'Info' mobile tab being overly faded-out. (#1441)
- Fixed issue where some UI elements would shown over the page editor when in mobile full-screen mode. (#1424)
- Fixed issue where pasting table content would insert as an image instead of a table or text. (#987)
- Fixed issue where book description would not show if it contained multi-byte characters. (#816)
v0.26.2-ls43
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
This release contains the following fixes and changes:
- Updated Russian translations. Thanks to @kostefun. (#1446, #1445, #1444, #1443)
- Updated Dutch translations. Thanks to @NootoNooto. (#1437)
- Updated page navigation to exclude empty heading items. (#1429)
- Updated custom-homepage views to display more consistently. (#1423)
- Updated image uploads to resize at double the previous resolution. (#1108)
- Fixed issue where chapter description would not show on book export. (#1465)
- Fixed page navigation to work on when used on mobile screen sizes. (#1454)
- Fixed issue casing a redirect to the 404 page upon login. (#1452)
- Fixed missing search bar on mobile search page. (#1450)
- Fixed issue where a page could be deleted when previously set as the homepage option. (#1447)
- Fixed issue causing horizontal scrollbar to show on some mobile views. (#1441)
- Fixed text shown on 'Info' mobile tab being overly faded-out. (#1441)
- Fixed issue where some UI elements would shown over the page editor when in mobile full-screen mode. (#1424)
- Fixed issue where pasting table content would insert as an image instead of a table or text. (#987)
- Fixed issue where book description would not show if it contained multi-byte characters. (#816)
v0.26.1-ls42
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
This release contains the following fixes and changes:
- Updated Swedish translations. Thanks to @Hambern. (#1433)
- Updated Spanish translations. Thanks to @moucho. (#1420)
- Updated Ukrainian translations. Thanks to @Mant1kor. (#1419)
- Updated tabbing order on login forms to be consistent and as expected. (#1418)
- Fixed issue where "Toggle Details" Button does not properly save state when using the Guest user. (#1431)
- Fixed issue where editor image paste, and markdown drawing insert, would fail with an error. (#1428)
- Fixed styling of card headers on the 404 page. (#1427)
- Fixed issues where Book names could leak via the shelves listing when set as the homepage option. (#1425)
Special thanks to @Bolthier for providing many good, detailed, bug reports since yesterday's release.
v0.26.1-ls41
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
This release contains the following fixes and changes:
- Updated Swedish translations. Thanks to @Hambern. (#1433)
- Updated Spanish translations. Thanks to @moucho. (#1420)
- Updated Ukrainian translations. Thanks to @Mant1kor. (#1419)
- Updated tabbing order on login forms to be consistent and as expected. (#1418)
- Fixed issue where "Toggle Details" Button does not properly save state when using the Guest user. (#1431)
- Fixed issue where editor image paste, and markdown drawing insert, would fail with an error. (#1428)
- Fixed styling of card headers on the 404 page. (#1427)
- Fixed issues where Book names could leak via the shelves listing when set as the homepage option. (#1425)
Special thanks to @Bolthier for providing many good, detailed, bug reports since yesterday's release.
v0.26.0-ls41
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
Links
Upgrade Notes
Internet Explorer Support - IE11 Support has now been dropped. We may support any critical issues for view-only scenarios otherwise please use a modern browser.
Translations - Since many interfaces and lines of text have been updated, It may take a little while for some translations to catch-up. Expect to see more English text than usual if you're using a non-English language option.
Images - Due to changes how images are handled, as detailed below, some types of images may become inaccessible. Old logo images will be deleted when changed. Unused Book/Shelf cover images & User profile images will be become inaccessible after the update so you may want to delete them before upgrade.
Security - On previous versions of BookStack it was possible for users to insert JavaScript via the Markdown editor using on* html attributes. These will now be removed on page render unless you have set ALLOW_CONTENT_SCRIPTS=true. If untrusted users has access to your BookStack you may want to scan for <<space_char>>on in the HTML column of the pages table to identify any malicious intent.
Full List of Changes
- Updated the application design for better mobile functionality and improved general UX. (#1153)
- Updated how profile, system & cover images are set & added extra permission checks on image actions. (#1410, #1307, #1128)
- Added the possibility to create a book directly within a shelf. Thanks to @cw1998. (#1366, #1260)
- Added sign-up link to login form and fixed differing name validation on sign-up. Thanks to @cw1998. (#1395, #1239)
- Added code block syntax highlight for OCaml, Haskell, Rust. Thanks to @XVilka. (#1344)
- Updated page content script escaping logic to strip inline JS event attributes. Thanks to @Xiphoseer for reporting.
- Updated revision restore to require confirmation and changed the method from GET so it's less likely to be accidentally triggered. (#1321)
- Updated shortcut used for markdown drawing manager to be cross-platform. (#1228)
- Updated Swedish translations. Thanks to @Hambern. (#1417)
- Fixed issue where duplicate ID's could sometimes break pages. (#1393)
- Fixed issue where user role assignments were not remembered, for roles with a dot in the name, on validation failure. Thanks to @cw1998. (#1392, #1325)
- Fixed issue where the port would be ignored if a full LDAP server URI was used. (#1386, #1278)
- Dropped IE11 support. (#1164)
v0.25.5-pkg-4001e764-ls40
LinuxServer Changes:
Rebase to Alpine 3.9, add MySQL init logic.
bookstack Changes:
Security Release
This release works on the changes from v0.25.4 and v0.25.3 to include additional security measures on file uploads.
For this release, Uploaded image files which have a name that includes more than a single extension are prevented from being uploaded since these could be used to upload executable files on some web-servers. In addition, Attachment uploads are now saved with randomly generated file names to make such upload operations safer to file name exploits.
Additional Changes
This release also contains the following translation updates:
v0.25.5-pkg-b16a636d-ls39
LinuxServer Changes:
Switching to new Base images, shift to arm32v7 tag.
bookstack Changes:
Security Release
This release works on the changes from v0.25.4 and v0.25.3 to include additional security measures on file uploads.
For this release, Uploaded image files which have a name that includes more than a single extension are prevented from being uploaded since these could be used to upload executable files on some web-servers. In addition, Attachment uploads are now saved with randomly generated file names to make such upload operations safer to file name exploits.
Additional Changes
This release also contains the following translation updates:
v0.25.5-pkg-9f541cff-ls38
LinuxServer Changes:
Switching to new Base images, shift to arm32v7 tag.
bookstack Changes:
Security Release
This release works on the changes from v0.25.4 and v0.25.3 to include additional security measures on file uploads.
For this release, Uploaded image files which have a name that includes more than a single extension are prevented from being uploaded since these could be used to upload executable files on some web-servers. In addition, Attachment uploads are now saved with randomly generated file names to make such upload operations safer to file name exploits.
Additional Changes
This release also contains the following translation updates:
v0.25.5-pkg-1eebeb22-ls37
LinuxServer Changes:
Switching to new Base images, shift to arm32v7 tag.
bookstack Changes:
Security Release
This release works on the changes from v0.25.4 and v0.25.3 to include additional security measures on file uploads.
For this release, Uploaded image files which have a name that includes more than a single extension are prevented from being uploaded since these could be used to upload executable files on some web-servers. In addition, Attachment uploads are now saved with randomly generated file names to make such upload operations safer to file name exploits.
Additional Changes
This release also contains the following translation updates:
v0.25.5-pkg-285ed901-ls36
LinuxServer Changes:
Switching to new Base images, shift to arm32v7 tag.
bookstack Changes:
Security Release
This release works on the changes from v0.25.4 and v0.25.3 to include additional security measures on file uploads.
For this release, Uploaded image files which have a name that includes more than a single extension are prevented from being uploaded since these could be used to upload executable files on some web-servers. In addition, Attachment uploads are now saved with randomly generated file names to make such upload operations safer to file name exploits.
Additional Changes
This release also contains the following translation updates: