2.7.10: Security Release

jomaxro · November 15, 2021, 4:26pm

Discourse 2.7.10 Stable Release

Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.

Changes

Security:

Disallow caching of MIME/Content-Type errors (CVE-2021-41271)
Ensure _forum_session cookies cannot be reused between sites (CVE-2021-41263)

Topic		Replies	Views
2.7.12: Security Release Announcements release-notes	0	956	December 21, 2021
2.8.7: Security Release Announcements release-notes	0	793	July 27, 2022
2.7.7: Security Release Announcements release-notes	0	993	July 23, 2021
2.7.4: Minor Patch Release Announcements release-notes	1	790	June 9, 2021
2.7.9: Security Release Announcements release-notes	1	1066	October 20, 2021

2.7.10: Security Release

Discourse 2.7.10 Stable Release

Changes

Security:

Related topics