Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

version: Update version and changelog after 4.11 release.

This commit is contained in:
Alex Vandiver 2022-03-15 14:23:42 -07:00
parent 62ba8e455d
commit f77204be14
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/overview/changelog.md
View File

@ -121,6 +121,19 @@ log][commit-log] for an up-to-date list of raw changes.
## Zulip 4.x series ## Zulip 4.x series
## Zulip 4.11 -- 2022-03-15
- CVE-2022-24751: Zulip Server 4.0 and above were susceptible to a
race condition during user deactivation, where a simultaneous access
by the user being deactivated may, in rare cases, allow continued
access by the deactivated user. This access could theoretically
continue until one of the following events happens:
- The session expires from memcached; this defaults to two weeks, and
is controlled by SESSION_COOKIE_AGE in /etc/zulip/settings.py
- The session cache is evicted from memcached by other cached data.
- The server is upgraded, which clears the cache.
- Updated translations.
## Zulip 4.10 -- 2022-02-25 ## Zulip 4.10 -- 2022-02-25
- CVE-2022-21706: Reusable invitation links could be improperly used - CVE-2022-21706: Reusable invitation links could be improperly used

2
version.py
View File

@ -14,7 +14,7 @@ ZULIP_VERSION = lines.pop(0).strip()
ZULIP_MERGE_BASE = lines.pop(0).strip() ZULIP_MERGE_BASE = lines.pop(0).strip()
LATEST_MAJOR_VERSION = "4.0" LATEST_MAJOR_VERSION = "4.0"
LATEST_RELEASE_VERSION = "4.10" LATEST_RELEASE_VERSION = "4.11"
LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.com/2021/05/13/zulip-4-0-released/" LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.com/2021/05/13/zulip-4-0-released/"
# Versions of the desktop app below DESKTOP_MINIMUM_VERSION will be # Versions of the desktop app below DESKTOP_MINIMUM_VERSION will be