Improved: Improved handling of items with duplicate IDs when synchronising with Joplin Cloud or Server ( d4c43a8). Security: Prevent XSS by sanitizing certain HTML attributes ( 9e90d90) (Vulnerability discovered by RyotaK). 
Security: Disable SVG tag support in editor to prevent XSS ( caf6606) (Vulnerability discovered by RyotaK). Fixed: Preserve Table Alignment When Editing a Note With the Rich Text Editor ( #8214) ( #6431 by Christopher O'Toole). Fixed: Improve sidebar workaround for Linux w/Intel GPU ( #8126) ( #7506 by Calum Lind). Fixed: Don't display "obsolete encryption method" message if the key is disabled ( #8025) ( #7933 by Fixed: Improve selection of active E2EE key ( #8254). Improved: When resetting the master password, also create a new master key with that password ( e647775). Fixed: "New note" buttons so large they occlude Search ( #8249) ( #8159 by Rio Sinnott). Improved: Updated packages aws, buildTools, tar (v6.1.15). Improved: Fix white screen issue ( 8b578c5). Improved: Improved word count when em-dash is used ( #8083). 
Improved: Add support for AVIF image format ( #8175).Security: Prevent calling arbitrary commands via x-callback-url (PoC by Hacker) ( 6982661).Security: Prevent XSS when passing specially encoded string to a link (PoC by Hacker) ( 57b4198).Fixed: Include more Rich Text editor commands in the menu ( #8316).Fixed: Duplicated published notes retain the published note's label's color ( #8287).
Fixed: Display plugin console in dev mode ( #8210). Fixed: Allow certain HTML anchor tags ( #8286). Improved: Upgrade E2EE encryption method to AES-256 ( #7686). Improved: Configure Rich Text editor to handle the first table row as header ( #8163) ( #3535 by Improved: Updated packages css-loader (v6.7.4), dayjs (v1.11.8), domhandler (v5), domutils (v3.1.0), highlight.js (v11.8.0), react-redux (v8.0.7), style-loader (v3.3.3), styled-components (v5.3.11), ts-loader (v9.4.3). Improved: Add support for plugin user data ( #8312) ( #8080).
0 kommentar(er)
