2.7.13: Security Release

jomaxro · January 13, 2022, 3:24pm

Discourse 2.7.13 Stable Release

Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.

Changes

Security:

Do not sign in unapproved users (CVE-2022-21684)
Advanced group search did not respect visibility of groups. (CVE-2022-21677)
Hide user’s bio if profile is restricted (CVE-2022-21678)
Only show user suggestions with regular post (CVE-2022-21642)

Topic	Replies	Views
2.7.10: Security Release Announcements release-notes	893	November 15, 2021
2.7.7: Security Release Announcements release-notes	993	July 23, 2021
2.8.13: Security Release Announcements release-notes	985	November 29, 2022
2.7.12: Security Release Announcements release-notes	956	December 21, 2021
2.8.7: Security Release Announcements release-notes	793	July 27, 2022

2.7.13: Security Release

Discourse 2.7.13 Stable Release

Changes

Security:

Related topics