File tree 1 file changed +31
-0
lines changed
1 file changed +31
-0
lines changed Original file line number Diff line number Diff line change @@ -36,3 +36,34 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
3636- CVE-2024 -4068: Uncontrolled resource consumption in braces
3737- CVE-2024 -39338: Server-Side Request Forgery in axios
3838
39+ ## [ 1.4.0-beta1] ( https://github.com/cryptomator/hub/compare/1.3.4...1.4.0-beta1 )
40+
41+ ### Added
42+
43+ - This CHANGELOG file
44+ - WoT: Users will now have an ECDH as well as ECDSA key (#282 )
45+ - WoT: Users can now mutually verify their identity, hardening Hub against injection of malicious public keys (#281 )
46+ - Permission to create new vaults can now be controlled via the ` create-vaults ` role in Keycloak (#206 )
47+
48+ ### Changed
49+
50+ - Updated Keycloak to 25.0.6
51+ - Updated to Java 21 (#272 )
52+ - Updated to Quarkus 3.15.x LTS
53+ - Bumped build time dependencies
54+ - Migrated remaining commonjs modules in frontend build to ESM (#291 )
55+ - Memoize infrequently changing data, reducing XHR roundtrips
56+ - Switched to JWK thumbprint format in user profile
57+ - Switched to Repository Pattern (#273 )
58+
59+ ### Fixed
60+
61+ - Fixed incorrect ARIA roles improving accessibility
62+ - Fixed incorrect ` Content-Type ` header for ` /api/vaults/{vaultId}/access-token ` (#284 )
63+
64+ ### Security
65+
66+ - CVE-2023 -45133: Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
67+ - CVE-2024 -4068: Uncontrolled resource consumption in braces
68+ - CVE-2024 -39338: Server-Side Request Forgery in axios
69+
You can’t perform that action at this time.
0 commit comments