Hi All,
We have published a new security advisory regarding a bad commit that was made on the tests-passed branch which resulted in group private messages having their title and participants leaked to all users.
The bad commit was present on the tests-passed branch from 2021-09-15T02:44:00Z → 2021-09-15T05:16:00Z. If your site is running against the tests-passed branch and an upgrade was done between the affected window, you’re advised to upgrade your site immediately to resolve the security problem.