just boring bugfixes
final release until late august unless something bad happens and i end up building this thing on a shinkansen
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
recent security / vulnerability fixes
- there is a discord server with an
@everyonein case of future important updates - v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
- all serverlogs reviewed so far (5 public servers) showed no signs of exploitation
bugfixes
- range-select with shiftclick:
- don't crash when entering another folder and shift-clicking some more
- remember selection origin when lazy-loading more stuff into the viewport
- markdown editor:
- fix confusing warnings when the browser cache decides it really wants to cache
- and when a document starts with a newline
- remember intended actions such as
?editon login prompts - Windows: TLS-cert generation (triggered by network changes) could occasionally fail