Releases: linuxserver/docker-bookstack
v21.12.3-ls176
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Upgrade Notices
- Composer Version Requirement Change - Composer v2.0 or greater is now required to install or update BookStack.
- You can check your composer version by running
composer -V. - You can often update composer by running
sudo composer self-update- (Or you may be prompted to run
sudo composer self-update --2).
- (Or you may be prompted to run
- If you're using a system-supplied composer package you may need to first uninstall that (eg.
sudo apt remove composer) then follow the composer download documentation to get the latest version.- Take notice of the
sudo mv composer.phar /usr/local/bin/composercommand shown in the documentation to install composer globally for easier usage.
- Take notice of the
- You can check your composer version by running
Full List of Changes
This release contains the following fixes and changes:
- Updated development docker environment with xdebug support. Thanks to @Julesdevops. (#3193)
- Updated user creation flow to not persist the user on invitation sending failure. Thanks to @Julesdevops. (#3179, #3174)
- Updated "Recently Updated Pages" view to show update author and date. Thanks to @Julesdevops. (#3177, #3045)
- Updated translations with latest Crowdin changes. (#3158)
- Updated PDF page export image display to help fix image sizing issues again. (#3120)
- Updated "Recently Updated Pages" view to show parent context chain. (#3183)
- Fixed potential errors in revision diff view when multi-byte characters are used. (#3170)
- Fixed duplicate display in image gallery when uploading multiple images at once. (#3160)
- Fixed inaccurate markdown editor cursor position upon sidebar usage. (#3186)
v21.12.3-ls175
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
- Updated development docker environment with xdebug support. Thanks to @Julesdevops. (#3193)
- Updated user creation flow to not persist the user on invitation sending failure. Thanks to @Julesdevops. (#3179, #3174)
- Updated "Recently Updated Pages" view to show update author and date. Thanks to @Julesdevops. (#3177, #3045)
- Updated translations with latest Crowdin changes. (#3158)
- Updated PDF page export image display to help fix image sizing issues again. (#3120)
- Updated "Recently Updated Pages" view to show parent context chain. (#3183)
- Fixed potential errors in revision diff view when multi-byte characters are used. (#3170)
- Fixed duplicate display in image gallery when uploading multiple images at once. (#3160)
- Fixed inaccurate markdown editor cursor position upon sidebar usage. (#3186)
v21.12.2-ls175
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
- Improved handling of uploaded images when thumbnails fail to load. (#3142)
- Updated translations with latest Crowdin changes. (#3148)
- Fixed issue where webhooks would error for specific recycle bin operations. (#3154)
- Fixed Spanish invite email subject translation. Thanks to @AitorMatxi. (#3153)
- Fixed issue where custom homepage could cause strange deletion behavior and lead to errors. (#3150)
v21.12.2-ls174
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
- Improved handling of uploaded images when thumbnails fail to load. (#3142)
- Updated translations with latest Crowdin changes. (#3148)
- Fixed issue where webhooks would error for specific recycle bin operations. (#3154)
- Fixed Spanish invite email subject translation. Thanks to @AitorMatxi. (#3153)
- Fixed issue where custom homepage could cause strange deletion behavior and lead to errors. (#3150)
v21.12.1-ls174
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
BookStack v21.12.1 has been released.
This is a security release that better enforces permissions on book-sort & chapter-move operations to address scenarios where content could be moved to non-permissible locations.
It's advised to upgrade as soon as possible if untrusted users can update books or chapters in your BookStack instance.
Thanks again to @Haxatron for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
- Added timeout and debugging statuses to webhooks. (#3139)
- Added new webhook_call_before logical theme system event hook. (#3138)
- Updated support for APNG images to retain animation. (#3136)
- Updated book sort and chapter move handling to enforce more permissions. (#3134)
- Updated item-search/select box to autofocus on search field. (#3127)
- Updated webhooks to not stop application on endpoint call failure. (#3122)
- Updated translations with latest Crowdin changes. (#3117)
- Fixed webhooks list view issue where columns would become to narrow. (#3135)
- Fixed linked images showing small in PDF export. (#3120)
- Fixed issue where pasting certain code blocks would cause erratic editor behavior. (#3133)
Contributors
Assets 2
v21.12-ls174
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
- Added webhooks. (#147, #3099)
- Added ability to copy books, chapters & roles. (#3118, #1123)
- Added audit log IP address search. Thanks to @johnroyer. (#3081)
- Updated translations with latest Crowdin changes. (#3117)
- Fixed issue where non-ascii content could break search result previews. Thanks to @Kristian-Krastev. (#3113)
- Fixed mismatched password validation rules across the application. (#2237)
v21.12-ls173
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
- Added webhooks. (#147, #3099)
- Added ability to copy books, chapters & roles. (#3118, #1123)
- Added audit log IP address search. Thanks to @johnroyer. (#3081)
- Updated translations with latest Crowdin changes. (#3117)
- Fixed issue where non-ascii content could break search result previews. Thanks to @Kristian-Krastev. (#3113)
- Fixed mismatched password validation rules across the application. (#2237)
v21.11.3-ls172
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
BookStack v21.11.3 has been released.
This is a security release that helps prevent potential discovery and harvesting of user details including name and email address.
It's advised to upgrade as soon as possible if your BookStack instance is public or is used by untrusted members.
Thanks to @Haxatron for discovering and reporting this vulnerability via huntr.dev.
Full List of Changes
Contributors
Assets 2
v21.11.2-ls172
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Security Release
BookStack v21.11.2 has been released.
This is a security release that address a couple of vulnerabilities relating to API access and page draft related content visibility:
- If the "Public" role was provided API access then the API could be accessed, in certain scenarios by non-authenticated users even if the "Allow public access" setting was disabled.
- In some specific scenarios, content related to page drafts (Such as attachments) could be visible to non-owners (Whom would have permission to view the page if saved as a non-draft at that point).
It's advised to upgrade as soon as possible if the API has been enabled for roles within your instance or if draft page content visibility could be a security concern for you.
Full List of Changes
Contributors
Assets 2
v21.11.1-ls172
LinuxServer Changes:
Rebase to Alpine 3.14.
bookstack Changes:
Links
Full List of Changes
This release contains the following fixes and changes:
- Added custom command support to the logical theme system. (#3072)
- Added support for
prefers-contrastmedia setting to increase contrast in faded areas when active. (#2634) - Updated TOTP confirmation view to autofocus on code input. Thanks to @raccettura. (#3068)
- Updated translations with latest changes from Crowdin. (#3057)
- Updated any links on homepage lists to be more obvious & accessible. (#3046)
- Fixed faulty page navigation links when headers are nested within other content. Thanks to @Julesdevops. (#3069, #3058)