You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This release includes a fix for [CVE-2024-55919] Improper input validation on generic SSO login [\#1917](https://github.com/sympa-community/sympa/issues/1917).
Administorators setting `generic_sso` paragraph with `force_email_verify` parameter enabled in `auth.conf` should upgrade Sympa to this version or take measure. For more details see the Security Advisory [Sympa SA 2024-001](https://www.sympa.community/security/2024-001.html).
**Incompatible changes:**
- Notes for packagers:
Expand DownExpand Up
@@ -49,6 +55,7 @@
**Fixed bugs:**
-[CVE-2024-55919] Improper input validation on generic SSO login [\#1917](https://github.com/sympa-community/sympa/issues/1917)
- DKIM signing and ARC sealing order is reversed [\#1851](https://github.com/sympa-community/sympa/issues/1851)
- WWSynmpa: do_distribute: Confirmation was not always performed [\#1889](https://github.com/sympa-community/sympa/pull/1889)
- WWSympa: Invalid UTF-8 sequences in input may trigger crashing [\#1884](https://github.com/sympa-community/sympa/issues/1884)
