Discourse 3.1.4 Stable Release
Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready.
Bug Fixes
- Validate each value in an array custom field separately (24659)
- Allow setting an array custom field to a singleton value (24636)
- Preserve custom field array order (24491)
Security Changes
- Prevent guest users from accessing secure uploads when login required CVE-2023-49099
- Store custom field values according to their registered type CVE-2024-21655
- Run custom field validations with save_custom_fields CVE-2024-21655
- Ensures mentioned_users is limited CVE-2023-48297