Jiglu 16.0.2 released

Jiglu 16.0.2 is now generally available and recommended for immediate installation. This is a security and bug fix release with the following changes:

  • Resolved issue with being unable to delete feed sources created prior to version 16.0.
  • Resolved issue with instant messages not updating correctly in their stream.
  • Upgrade of HTML editor to latest version, notably fixing issues with lists.
  • Security fix of high severity in third-party library for handling of compressed archive files (CVE-2024-25710, CVE-2024-26308). This could have allowed archives to be uploaded that could cause an infinite loop or excessive use of resources.
  • Security fix of critical severity in third-party library for SQL injection (CVE-2024-1597). This should not have been exploitable.

Installation help can be found at https://support.jiglu.com/spaces/installation/.

Stephen Hebditch. Sent on .