Discourse 3.0.5 Stable Release
Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.
Changes
Bug Fixes
- Fix broken topic embedding because of incomplete security patch
Security Changes
- limit amount of links in custom sidebar section CVE-2023-36818
- Don’t reuse CSP nonce between requests CVE-2023-36473
- ensure topic is valid before updating category CVE-2023-36466
- ReDoS vulnerability in URI gem Ruby CVE-2023-36617