Zulip
Open-source team chat with unique topic-based threading
Alternative to: slack, microsoft teams, discord
About
Versions (100)
2.1.3
2020-04-012.1.3 — 2020-04-01
- CVE-2020-9444: Prevent reverse tabnapping attacks.
- CVE-2020-9445: Remove unused and insecure modal_link feature.
- CVE-2020-10935: Fix XSS vulnerability in local link rewriting.
- Blocked access from Zulip Desktop versions below 5.0.0. This
behavior can be adjusted by editingDESKTOP_*_VERSION
in/home/zulip/deployments/current/version.py. - Restructured server initialization to simplify initialization of
Docker containers (eliminating common classes of user error). - Removed buggy feedback bot (
ENABLE_FEEDBACK). - Migrated GitHub authentication to use the current encoding.
- Fixed support for restoring a backup on a different minor release
(in the common case they have the same database schema). - Fixed restoring backups with memcached authentication enabled.
- Fixed preview content (preheaders) for many emails.
- Fixed buggy text in missed-message emails with PM content disabled.
- Fixed buggy loading spinner in “emoji format” widget.
- Fixed sorting and filtering users in organization settings.
- Fixed handling of links to deleted streams.
- Fixed check-rabbitmq-consumers monitoring.
- Fixed copy-to-clipboard button for outgoing webhook bots.
- Fixed logging spam from soft_deactivation cron job.
- Fixed email integration handling of emails with nested MIME structure.
- Fixed unicode bugs in incoming email integration.
- Fixed error handling for Slack data import.
- Fixed incoming webhook support for AWX 9.x.y.
- Fixed a couple missing translation tags.
- Fixed “User groups” settings UI bug for administrators.
- Fixed data import tool to reset resource limits after importing
data from a free plan organization on zulipchat.com. - Changed the SAML default signature algorithm to SHA-256, overriding
the SHA-1 default used by python3-saml.