Zulip logo

Zulip

Open-source team chat with unique topic-based threading

Alternative to: slack, microsoft teams, discord


About Versions (100)

2.1.3

2020-04-01

2.1.3 — 2020-04-01

  • CVE-2020-9444: Prevent reverse tabnapping attacks.
  • CVE-2020-9445: Remove unused and insecure modal_link feature.
  • CVE-2020-10935: Fix XSS vulnerability in local link rewriting.
  • Blocked access from Zulip Desktop versions below 5.0.0. This
    behavior can be adjusted by editing DESKTOP_*_VERSION
    in /home/zulip/deployments/current/version.py.
  • Restructured server initialization to simplify initialization of
    Docker containers (eliminating common classes of user error).
  • Removed buggy feedback bot (ENABLE_FEEDBACK).
  • Migrated GitHub authentication to use the current encoding.
  • Fixed support for restoring a backup on a different minor release
    (in the common case they have the same database schema).
  • Fixed restoring backups with memcached authentication enabled.
  • Fixed preview content (preheaders) for many emails.
  • Fixed buggy text in missed-message emails with PM content disabled.
  • Fixed buggy loading spinner in “emoji format” widget.
  • Fixed sorting and filtering users in organization settings.
  • Fixed handling of links to deleted streams.
  • Fixed check-rabbitmq-consumers monitoring.
  • Fixed copy-to-clipboard button for outgoing webhook bots.
  • Fixed logging spam from soft_deactivation cron job.
  • Fixed email integration handling of emails with nested MIME structure.
  • Fixed unicode bugs in incoming email integration.
  • Fixed error handling for Slack data import.
  • Fixed incoming webhook support for AWX 9.x.y.
  • Fixed a couple missing translation tags.
  • Fixed “User groups” settings UI bug for administrators.
  • Fixed data import tool to reset resource limits after importing
    data from a free plan organization on zulipchat.com.
  • Changed the SAML default signature algorithm to SHA-256, overriding
    the SHA-1 default used by python3-saml.