WilliButz
0432a81670
hedgedoc: 1.8.0 -> 1.8.2
...
includes fixes for:
* CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes
* a potential XSS-vector in the handling of usernames and profile pictures
https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.2
2021-05-11 23:59:13 +02:00
WilliButz
0a27a76b27
hedgedoc: 1.7.2 -> 1.8.0
...
https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.0
includes fixes for CVE-2021-21306 and CVE-2021-29474
2021-05-04 09:58:17 +02:00
WilliButz
a646165d0c
hedgedoc: 1.7.1 -> 1.7.2, fixes CVE-2021-21259
...
https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.2
CVE-2021-21259:
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-44w9-vm8p-3cxw
2021-01-16 00:44:29 +01:00
Profpatsch
4a7f99d55d
treewide: with stdenv.lib; in meta -> with lib;
...
Part of: https://github.com/NixOS/nixpkgs/issues/108938
meta = with stdenv.lib;
is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.
This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.
The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
WilliButz
484d851cb9
hedgedoc: 1.7.0 -> 1.7.1 (fixes CVE-2020-26286 and CVE-2020-26287)
...
https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.1
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-wcr3-xhv7-8gxc
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-g6w6-7xf9-m95p
2020-12-27 23:06:21 +01:00
WilliButz
e19995e43b
codimd: 1.6.0 -> 1.7.0, rename to hedgedoc
...
CodiMD was renamed to HedgeDoc and is now built with nodejs-14_x.
https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.0
2020-12-22 01:39:02 +01:00