Cloudron Forum

[0.5.0] Update microbin to 2.1.4 Full Changelog Patch #326, change env defaults, bump to 2.1.4 by @szabodanika in #327 Change content handling to use byte buffer instead of parsing chunks directly by @ybalbert in #299 derive version from binary by @nastyagrifon in #306 Add missing public_path to some Location redirects by @farfalleflickan in #307 fix vertical layout on smartphones by @underoll in #308 Add multi-attachment support by @szabodanika in #309 improve logging with real ip by @Sofyan-SU in #311 Fix threading issue by deferring lock acquisition during file uploads by @szabodanika in #313 Support default privacy setting by @szabodanika in #314 Add MICROBIN_MAX_EXPIRY arg by @szabodanika in #321

[1.2.0] Update seaweedfs to 4.25 Full Changelog admin: attach admin-signed Bearer token on filer IAM gRPC calls by @chrislusf in #9498 fix(ec): clear cross-server stale EC shards before re-distribute (#9478) by @chrislusf in #9499

[0.13.0] Update rustfs to 1.0.0-beta.2 Full Changelog fix: docker image build and helm chart publish error caused by versio by @majinghe in #2731 fix(admin): harden site-replication identity handling and local verification for issue 2723 by @houseme in #2730 feat: helm publish manual trigger support by @majinghe in #2732 fix(filemeta): harden and optimize metacache path by @GatewayJ in #2724 fix: handle empty multipart list-parts by @overtrue in #2765 fix(security): harden CORS and license handling by @overtrue in #2774 RUSTFS_CONSOLE_CORS_ALLOWED_ORIGINS now defaults to an empty value, which keeps the console same-origin only, instead of the previous wildcard * default. Cross-origin console deployments that relied on the old wildcard behavior must set RUSTFS_CONSOLE_CORS_ALLOWED_ORIGINS=* to restore it, or configure an explicit comma-separated allow-list. See #2769. fix(rpc): use map-encoded msgpack for all internode RPC responses by @kharkevich in #2771 feat(helm-chart): support scale to 0 in standalone mode by @dcelasun in #2797 fix: reload bucket metadata after lifecycle updates by @cxymds in #2822

[1.2.2] Update docmost to 0.80.2 Full Changelog Fix AWS_S3_FORCE_PATH_STYLE bug which breaks file reads in some installations.

[1.6.1] Update keycloak to 26.6.1 Full Changelog #47276 CVE-2026-4366 Blind Server-Side Request Forgery (SSRF) via HTTP Redirect Handling core #47619 CVE-2026-4633 Keycloak user enumeration via identity-first login core #47839 Update CloudNativePG to 1.29 #47909 Database data at rest encryption #47776 False session type of access token in offline_access refresh token flow with scope parameter without offline_access scope oidc #47872 v26.6.0 Operator flood logs with warnings operator #47904 @keycloak/keycloak-admin-client fails to install in version 26.6.0 admin/client-js #47908 MigrateTo26_6_0 modifies custom browser flows, breaking existing realm authentication organizations #47955 IdentityProviderAuthenticator creates an infinite redirect loop when an IdP returns an error (e.g. access_denied) and the login was initiated with kc_idp_hint identity-brokering #47929 User profile multiselect options not highlighted as selected in dropdown admin/ui

[1.21.2] Fix permission issue with monolith

[1.22.3] Update evcc to 0.306.3 Full Changelog Revert "Templates: fix intervall type (BC) (#29698)" Templates: fix intervall type (BC) (#29698) Wallbe: remove deprecated (BC) (#29647) Add ZAR (South African Rand) to currency list (#29620) Siemens 7KT: add voltages (#29732) Bluelink: fix unmarshal float EvModeRange.Value from Hyundai EU API (#29687) EEBus: fix LPC/LPP CS failsafe-exit path (#29705) EEBus: named scenario constants + fix MGCP scenario indices (#29701) OCPP: fix flaky test deadlock between trigger handler and WS read loop (#29725) Tessie: fix wakeup uri (#29726)

[1.21.0] Update documenso to 2.11.0 Full Changelog fix: prevent 2fa users from being flagged as bots by @Mythie in #2748 feat: allow add myself feature for embeds by @dguyen in #2754 feat: remove default personal orgs from custom sso by @dguyen in #2741 feat: add pending signed PDF downloads by @ephraimduncan in #2730 feat: add DD-MM-YYYY date format variants by @catalinpit in #2767 fix: paginate and search member/group pickers by @Mythie in #2768 feat: add new field overflow methods by @dguyen in #2715 feat: add granular signup disable flags by @ephraimduncan in #2765 feat: add custom branding for signing pages by @Mythie in #2785 feat: support DOCX uploads via Gotenberg by @Mythie in #2801

[1.3.0] Update base image to 5.0.0