2.7.11: Security Release

jomaxro · December 1, 2021, 4:48pm

Discourse 2.7.11 Stable Release

Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.

Changes

Security:

Strip unrendered unicode bidirectional chars in code blocks (CVE-2021-42574)
Only show tags to users with permission (CVE-2021-43792)
Remove ember-cli specific response from application routes (CVE-2021-43794)
Validate number of votes allowed per poll per user (CVE-2021-43793)

Topic	Replies	Views
2.8.11: Security Release Announcements release-notes	964	November 14, 2022
2.7.8: Security Release Announcements release-notes	956	September 1, 2021
2.7.10: Security Release Announcements release-notes	893	November 15, 2021
2.7.12: Security Release Announcements release-notes	955	December 21, 2021
2.8.7: Security Release Announcements release-notes	792	July 27, 2022

2.7.11: Security Release

Discourse 2.7.11 Stable Release

Changes

Security:

Related topics