Jiglu 16.0.2 is now generally available and recommended for immediate installation. This is a security and bug fix release with the following changes:
- Resolved issue with being unable to delete feed sources created prior to version 16.0.
- Resolved issue with instant messages not updating correctly in their stream.
- Upgrade of HTML editor to latest version, notably fixing issues with lists.
- Security fix of high severity in third-party library for handling of compressed archive files (CVE-2024-25710, CVE-2024-26308). This could have allowed archives to be uploaded that could cause an infinite loop or excessive use of resources.
- Security fix of critical severity in third-party library for SQL injection (CVE-2024-1597). This should not have been exploitable.
Installation help can be found at https://support.jiglu.com/spaces/installation/.