Changelog

« Back to the list

June 28, 2021 (2021.06.27)

• Security Fixes
  • Fixed critical security vulnerabilities.
    Security audit by Christian Poeschl and Tobias Braeutigam, from "syntegris information solutions GmbH".
• Other Improvements
  • ONLYOFFICE can be now used to share documents via web links without download permission (requires enabling from the FileRun control panel).
  • Added API call for extracting archives.
  • Added "-path" option to "cron/make_thumbs.php" command line, to process only a specific folder.
• Other Fixes
  • Fixed ocassional error while moving larger folders that have versioned files in subfolders.
  • Regression fixes:
    • Uploading via web links.
    • Right-click on files for independent admin users.
    • Alphanumeric sorting in the file grid.
    • Uploading CSV files for user import.
  • Compatibility warning with Nextcloud deskop app.
  • "HTML Editor" plugin security changes:
    • Added option to automatically clean the HTML code before opening files in the "HTML Editor" plugin. The option is now enabled by default, but can be turned off from the plugin's settings. Turn off only if you understand the high security risk involved.
    • The plugin's option to be used for creating new file is now disabled by default. You can manually enable it back by editing the plugin settings.
    • The plugin's option to be used for creating new file is not disabled. You can manually enable it back by editing the plugin settings.
    • The plugin is now disabled by default in new FileRun installations.
  • Fixed exporting activity log when no date is selected.
  • Better handling trying to preview a file after session expired.
  • Fixed image editor not preserving file extension case.
  • Increased timeout for indexing via Apache Tika in server mode from 5 to 50 seconds.
  • Fixed some missing translations.