Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. HedgeDoc
  3. HedgeDoc - Package Updates

HedgeDoc - Package Updates

Scheduled Pinned Locked Moved HedgeDoc
36 Posts 3 Posters 7.8k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • girishG Offline
    girishG Offline
    girish
    Staff
    wrote on last edited by
    #2

    Pushed package v1.9.0 which updates the base image to 2.0.0

    1 Reply Last reply
    0
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #3

      [1.10.0]

      • Add forum url in manifest
      1 Reply Last reply
      0
      • girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #4

        [1.11.0]

        • CodiMD is now HedgeDoc
        • Update HedgeDoc to 1.7.0
        • Full changelog
        • Improvements to our cookie handling
        • Compatibility with Node 14
        • Translation updates
        • Various dependency updates
        1 Reply Last reply
        0
        • girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #5

          [1.11.1]

          • Update HedgeDoc to 1.7.1
          • Full changelog
          • CVE-2020-26286: Arbitrary file upload
          • CVE-2020-26287: Stored XSS in mermaid diagrams
          1 Reply Last reply
          0
          • girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #6

            [1.11.2]

            • Update HedgeDoc to 1.7.2
            • Full changelog
            • CVE-2021-21259: Stored XSS in slide mode - An attacker can inject arbitrary JavaScript into a HedgeDoc note.
            1 Reply Last reply
            0
            • girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #7

              [1.12.0]

              • Update base image to v3
              1 Reply Last reply
              0
              • girishG Offline
                girishG Offline
                girish
                Staff
                wrote on last edited by
                #8

                [1.12.1]

                • Rename HMD env vars to CMD
                • Move package files to /app/pkg
                1 Reply Last reply
                0
                • girishG Offline
                  girishG Offline
                  girish
                  Staff
                  wrote on last edited by
                  #9

                  [1.13.0]

                  • Update HedgeDoc to 1.8.0
                  • Full changelog
                  • CVE-2021-29474: Relative path traversal Attack on note creation
                  • Removed dependency on external imgur library
                  • HTML language tags are now set up in a way that stops Google Translate from translating note contents while editing
                  • Removed yahoo.com from the default content security policy
                  • New translations for Bulgarian, Persian, Galician, Hebrew, Hungarian, Occitan and Brazilian Portuguese
                  • Updated translations for Arabic, English, Esperanto, Spanish, Hindi, Japanese, Korean, Polish, Portuguese, Turkish and Traditional Chinese
                  • CVE-2021-21306: Underscore ReDoS in the marked library
                  1 Reply Last reply
                  0
                  • girishG Offline
                    girishG Offline
                    girish
                    Staff
                    wrote on last edited by
                    #10

                    [1.13.1]

                    • Update HedgeDoc to 1.8.1
                    • Full changelog
                    • Improve behavior of the 'Quote', 'List', 'Unordered List' and 'Check List' buttons in the editor to automatically apply to the complete first and last line of the selection
                    • Fix click handler for numbered task
                    1 Reply Last reply
                    0
                    • girishG Offline
                      girishG Offline
                      girish
                      Staff
                      wrote on last edited by
                      #11

                      [1.13.2]

                      • Update HedgeDoc to 1.8.2
                      • Full changelog
                      • CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes
                      • Fix a potential XSS-vector in the handling of usernames and profile pictures
                      1 Reply Last reply
                      0
                      • girishG Offline
                        girishG Offline
                        girish
                        Staff
                        wrote on last edited by
                        #12

                        [1.14.0]

                        • Change default note permission for new installs to be editable (matches upstream defaults)
                        1 Reply Last reply
                        0
                        • girishG Offline
                          girishG Offline
                          girish
                          Staff
                          wrote on last edited by
                          #13

                          [1.15.0]

                          • Update HedgeDoc to 1.9.0
                          • Full changelog
                          • CVE-2021-39175: XSS vector in slide mode speaker-view
                          • This release removes Google Analytics and Disqus domains from our default Content Security Policy, because they were repeatedly used to exploit security vulnerabilities.
                            If you want to continue using Google Analytics or Disqus, you can re-enable them in the config.
                          1 Reply Last reply
                          0
                          • nebulonN Offline
                            nebulonN Offline
                            nebulon
                            Staff
                            wrote on last edited by
                            #14

                            The next version is blocked by a known passport node module issue. Upstream already has a branch with fixes but we will just wait for a fixed official release.

                            1 Reply Last reply
                            0
                            • girishG Offline
                              girishG Offline
                              girish
                              Staff
                              wrote on last edited by
                              #15

                              [1.15.1]

                              • Update HedgeDoc to 1.9.2
                              • Full changelog
                              • Add workaround for incorrect CSP handling in Safari
                              • Fix crash when an unexpected response from the GitLab API is encountered
                              • Fix crash when using hungarian language
                              1 Reply Last reply
                              0
                              • girishG Offline
                                girishG Offline
                                girish
                                Staff
                                wrote on last edited by
                                #16

                                [1.15.2]

                                • Update base image to 3.2.0
                                1 Reply Last reply
                                0
                                • nebulonN Offline
                                  nebulonN Offline
                                  nebulon
                                  Staff
                                  wrote on last edited by
                                  #17

                                  [1.15.3]

                                  • Update HedgeDoc to 1.9.3
                                  • Full changelog
                                  • Fix Enumerable upload file names
                                  • Libravatar avatars render as ident-icons when no avatar image was uploaded to Libravatar or Gravatar
                                  • Add database connection error message to log output
                                  • Allow SAML authentication provider to be named
                                  • Suppress error message when git binary is not found
                                  1 Reply Last reply
                                  0
                                  • nebulonN Offline
                                    nebulonN Offline
                                    nebulon
                                    Staff
                                    wrote on last edited by
                                    #18

                                    [1.15.4]

                                    • Update HedgeDoc to 1.9.4
                                    • Full changelog
                                    • Remove unexpected shell call during migrations
                                    • More S3 config options: upload folder & public ACL (thanks to @lautaroalvarez)
                                    1 Reply Last reply
                                    0
                                    • girishG Offline
                                      girishG Offline
                                      girish
                                      Staff
                                      wrote on last edited by
                                      #19

                                      [1.15.5]

                                      • Change allowFreeUrl to allowFreeURL in default config
                                      1 Reply Last reply
                                      0
                                      • girishG Offline
                                        girishG Offline
                                        girish
                                        Staff
                                        wrote on last edited by
                                        #20

                                        [1.15.6]

                                        • Update HedgeDoc to 1.9.5
                                        • Full changelog
                                        • Add dark mode toggle in mobile view
                                        • Replace embedding shortcode regexes with more specific ones to safeguard against XSS attacks
                                        1 Reply Last reply
                                        0
                                        • girishG Offline
                                          girishG Offline
                                          girish
                                          Staff
                                          wrote on last edited by
                                          #21

                                          [1.15.7]

                                          • Update HedgeDoc to 1.9.6
                                          • Full changelog
                                          • Fix migrations deleting all notes when SQLite is used
                                          1 Reply Last reply
                                          0
                                          Reply
                                          • Reply as topic
                                          Log in to reply
                                          • Oldest to Newest
                                          • Newest to Oldest
                                          • Most Votes


                                          • Login

                                          • Don't have an account? Register

                                          • Login or register to search.
                                          • First post
                                            Last post
                                          0
                                          • Categories
                                          • Recent
                                          • Tags
                                          • Popular
                                          • Bookmarks
                                          • Search