Skip to content

Releases: globaleaks/globaleaks-whistleblowing-software

GLOBALEAKS 5.0.45

31 Jan 21:16
@evilaliv3 evilaliv3
v5.0.45
df4c725
Compare
Choose a tag to compare
GLOBALEAKS 5.0.45 Latest
Latest

Changes in version 5.0.45

  • Revise mock implementation in relation to multi-lang mocks
Assets 2
Loading

GLOBALEAKS 5.0.44

29 Jan 20:28
@evilaliv3 evilaliv3
v5.0.44
9a85d8f
Compare
Choose a tag to compare
GLOBALEAKS 5.0.44

Changes in version 5.0.44

  • Move password hashing on clientside
  • Upgrade proof of work from sha256 to argon2id with 1 step and 1MB of requirement
  • Refactor SecureTemporaryFile replacing AES with ChaCha20
  • Enable Brotli compression of static (offline) and dynamic (on-the-fly) content
  • Fix bug visualization of files uploaded by recipients introduced in 5.0.19
  • Bump client dependencies to latest version
  • Update translations
Assets 2
Loading

GLOBALEAKS 5.0.42

20 Jan 16:25
@evilaliv3 evilaliv3
v5.0.42
30b0886
Compare
Choose a tag to compare
GLOBALEAKS 5.0.42

Changes in version 5.0.42

  • Fix possibility to vary expiration date if default data retention policy is disabled
Assets 2
Loading

GLOBALEAKS 5.0.43

20 Jan 16:26
@evilaliv3 evilaliv3
v5.0.43
e6c57e4
Compare
Choose a tag to compare
GLOBALEAKS 5.0.43

Changes in version 5.0.43

  • Correct regression on logs missing newlines introduced in 5.0.38
Assets 2
Loading

GLOBALEAKS 5.0.41

22 Dec 07:36
@evilaliv3 evilaliv3
v5.0.41
9e99728
Compare
Choose a tag to compare
GLOBALEAKS 5.0.41

Changes in version 5.0.41

  • Re-add markdown support to recipients and context descriptions (#4364)
  • Bump client dependencies to latest version
Assets 2
Loading

GLOBALEAKS 5.0.40

22 Dec 07:34
@evilaliv3 evilaliv3
v5.0.40
0406e33
Compare
Choose a tag to compare
GLOBALEAKS 5.0.40

Changes in version 5.0.40

  • Fix visualization of enforced recipients broken in 5.0.0
Assets 2
Loading

GLOBALEAKS 5.0.39

22 Dec 07:34
@evilaliv3 evilaliv3
v5.0.39
57e664c
Compare
Choose a tag to compare
GLOBALEAKS 5.0.39

Changes in version 5.0.39

  • Ensure voice questions could work when defined in question templates
  • Bump pdfjs again to v4 with proper packaging
  • Bump client dependencies to latest version
Assets 2
Loading

GLOBALEAKS 5.0.38

15 Dec 21:08
@evilaliv3 evilaliv3
v5.0.38
f71ea81
Compare
Choose a tag to compare
GLOBALEAKS 5.0.38

Changes in version 5.0.38

  • Correct PDF viewer re-including pdfjs v3
Assets 2
Loading

GLOBALEAKS 5.0.33

07 Dec 08:53
@evilaliv3 evilaliv3
v5.0.33
a1afd62
Compare
Choose a tag to compare
GLOBALEAKS 5.0.33

Changes in version 5.0.33

  • Complete implementation of CSP policy based on Trusted-Types
  • Enforce validation of every admin config or user input by means of DOMPurify
  • Restrict usage of CSS inline scripts (#4345) as previously done on v4
  • Fix bug in gl-admin utility preventing possibility to reset 2fa
  • Correct feature of re-ordering of questions options (#4348)
  • Fix issues #4341, #4344
  • Improve packaging of css libraries and overrides
  • Bump client dependencies to latest versions
  • Update translations
Assets 2
Loading

GLOBALEAKS 5.0.32

30 Nov 14:58
@evilaliv3 evilaliv3
v5.0.32
0437916
Compare
Choose a tag to compare
GLOBALEAKS 5.0.32

Changes in version 5.0.32

  • Revise language changes utilities in relation to issue #4315
  • Fixed validation of multistep questionnaires and extend validation to files (#4336)
  • Remove redundant rel=noreferrer made unnecessary by ReferrerPolicy header
  • Revise markdown implementation ensuring links are opened always in a new tab
  • Ensure to strip every HTML tag (including safe tags) with DOMPurify before parsing markdown.
  • Fix issues #4340 and #4338
  • [doc] Revise application security document in reference to external links protections
  • [doc] Extend documentation adding detail on usage of DOMPurify to filter markdown input
Assets 2
Loading