Cloudron Forum

[1.17.12] Update mastodon to 4.5.11 Full Changelog Fix allowed attribution domains spoofing (GHSA-rwcw-vq68-g34p) Fix uncaught exception in message sanitization causing Denial of Service (GHSA-qrgq-9fx2-vf2r) Update dependencies Fix remote statuses with large media descriptions being rejected (#39135 by @ClearlyClaire)

[1.17.1] Update pocketbase to 0.39.1 Full Changelog Fixed multiple select options wrapping (#7720). Return the hidden record data fields for superusers realtime subscribers (#7721). Added default panic-recover handling for the cron jobs to avoid terminating the server on panic. Bumped the min Go GitHub action version to 1.26.4 as it includes some minor security fixes.

[0.2.0] Update urlaubsverwaltung to 6.0.0-M5 Full Changelog Add Romania to public holiday support #6118 overview: fix sicknotes and application links for management and add buttons and holiday replacements #6160 Avatar-Men wird an falscher Position angezeigt #6138 Empty States fr Krankmeldungen, berstunden und Abwesenheiten einfhren #6139 Tooltip bleibt manchmal sichtbar, obwohl Maus nicht mehr ber Button #5838 UI-Abstnde in der Urlaubsverwaltung bei Abwesenheiten inkonsistent #6136 berstundenbersicht auf kleinen Displays schlecht lesbar #6137 date-fns cannot parse "6. Jnner" (#5842)

[2.5.2] Update grafana to 13.0.2 Full Changelog

[1.42.0] Update nocodb | stage to 2026.06.0 Full Changelog

TShock Detail Link / Info Wishlist topic Topic Author @tachy Repository Repository Install CloudronVersions.json If you have questions or issues about this community app, please open a separate topic in the @community-apps category and link to this reply.

[1.25.0] Update typebot.io to 3.17.1 Full Changelog Fix upload proxy public URL (#2508) Add Ask Model action using OpenAI Responses API (#2455) Add time filter to results export and fix CSV download on R2 (#2449) (openai) Add Ask Model file search controls (#2483) Handle GA script load failure to prevent bot from hanging (#2446) Fix transcript compute crash on choice items with session-var display condition (#2468) Fix credential access control and remove vulnerable S3 upload endpoint (#2459) Fix SSRF bypass via DNS rebinding in HTTP request and script fetch flows (#2461) Add SSRF_ALLOWED_HOSTS env for self-hosted internal APIs (#2474) Sanitize CSV exports against formula injection (#2493)

[1.41.2] Fix album cover issue

[2.5.2] Update transmission to 4.1.2 Full Changelog Fixed 4.1.0 bug that could cause duplicate HTTP announces to be sent to trackers. (#8639) Reject benc data that has invalid characters. (#8577) Fixed a bug during the startup sequence where if one torrent failed to parse, subsequent torrents would also fail. (#8605) Fixed a bug that stalled some downloads at 99%. (#8654) Fixed a 4.1.0 upgrade bug that could overwrite utp_enabled and tcp_enabled settings. (#8658) Fixed a 4.1.0 crash that could happen when a peer supplied reqq value smaller than 32 in LTEP handshake. (#8713) Fixed a 4.1.0 bug that prevented TCP peer connections on some systems. (#8748) Added safeguards to HTTP responses to prevent clickjacking. (#8749) Fixed edge case that didn't preserve the order of a batch of torrents when moving their queue position up or down. (#8782) Added sanitization for UTF-8 client names provided by peers during handshake. (#8809)