Merge branch 'master' into develop
This commit is contained in:
commit
ccd998d709
16
CHANGELOG.md
16
CHANGELOG.md
|
@ -1,3 +1,19 @@
|
||||||
|
Changes in [1.5.15](https://github.com/vector-im/riot-web/releases/tag/v1.5.15) (2020-04-01)
|
||||||
|
============================================================================================
|
||||||
|
[Full Changelog](https://github.com/vector-im/riot-web/compare/v1.5.14...v1.5.15)
|
||||||
|
|
||||||
|
## Security notice
|
||||||
|
|
||||||
|
The `jitsi.html` widget wrapper introduced in Riot 1.5.14 could be used to extract user data by tricking the user into adding a custom widget or opening a link in the browser used to run Riot. Jitsi widgets created through Riot UI do not pose a risk and do not need to be recreated.
|
||||||
|
|
||||||
|
It is important to purge any copies of Riot 1.5.14 so that the vulnerable `jitsi.html` wrapper from that version is no longer accessible.
|
||||||
|
|
||||||
|
## All changes
|
||||||
|
|
||||||
|
* Upgrade React SDK to 2.3.1 for Jitsi fixes
|
||||||
|
* Fix popout support for jitsi widgets
|
||||||
|
[\#12980](https://github.com/vector-im/riot-web/pull/12980)
|
||||||
|
|
||||||
Changes in [1.5.14](https://github.com/vector-im/riot-web/releases/tag/v1.5.14) (2020-03-30)
|
Changes in [1.5.14](https://github.com/vector-im/riot-web/releases/tag/v1.5.14) (2020-03-30)
|
||||||
============================================================================================
|
============================================================================================
|
||||||
[Full Changelog](https://github.com/vector-im/riot-web/compare/v1.5.14-rc.1...v1.5.14)
|
[Full Changelog](https://github.com/vector-im/riot-web/compare/v1.5.14-rc.1...v1.5.14)
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
"name": "riot-web",
|
"name": "riot-web",
|
||||||
"productName": "Riot",
|
"productName": "Riot",
|
||||||
"main": "src/electron-main.js",
|
"main": "src/electron-main.js",
|
||||||
"version": "1.5.14",
|
"version": "1.5.15",
|
||||||
"description": "A feature-rich client for Matrix.org",
|
"description": "A feature-rich client for Matrix.org",
|
||||||
"author": "New Vector Ltd.",
|
"author": "New Vector Ltd.",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
"name": "riot-web",
|
"name": "riot-web",
|
||||||
"productName": "Riot",
|
"productName": "Riot",
|
||||||
"main": "electron_app/src/electron-main.js",
|
"main": "electron_app/src/electron-main.js",
|
||||||
"version": "1.5.14",
|
"version": "1.5.15",
|
||||||
"description": "A feature-rich client for Matrix.org",
|
"description": "A feature-rich client for Matrix.org",
|
||||||
"author": "New Vector Ltd.",
|
"author": "New Vector Ltd.",
|
||||||
"repository": {
|
"repository": {
|
||||||
|
@ -68,8 +68,8 @@
|
||||||
"favico.js": "^0.3.10",
|
"favico.js": "^0.3.10",
|
||||||
"gfm.css": "^1.1.2",
|
"gfm.css": "^1.1.2",
|
||||||
"highlight.js": "^9.13.1",
|
"highlight.js": "^9.13.1",
|
||||||
"matrix-js-sdk": "github:matrix-org/matrix-js-sdk#develop",
|
"matrix-js-sdk": "5.2.0",
|
||||||
"matrix-react-sdk": "github:matrix-org/matrix-react-sdk#develop",
|
"matrix-react-sdk": "2.3.1",
|
||||||
"olm": "https://packages.matrix.org/npm/olm/olm-3.1.4.tgz",
|
"olm": "https://packages.matrix.org/npm/olm/olm-3.1.4.tgz",
|
||||||
"postcss-easings": "^2.0.0",
|
"postcss-easings": "^2.0.0",
|
||||||
"prop-types": "^15.7.2",
|
"prop-types": "^15.7.2",
|
||||||
|
|
|
@ -7472,9 +7472,10 @@ matrix-mock-request@^1.2.3:
|
||||||
bluebird "^3.5.0"
|
bluebird "^3.5.0"
|
||||||
expect "^1.20.2"
|
expect "^1.20.2"
|
||||||
|
|
||||||
"matrix-react-sdk@github:matrix-org/matrix-react-sdk#develop":
|
matrix-react-sdk@2.3.1:
|
||||||
version "2.3.0"
|
version "2.3.1"
|
||||||
resolved "https://codeload.github.com/matrix-org/matrix-react-sdk/tar.gz/78fd8e4569096043b22210821d20e085802bbcff"
|
resolved "https://registry.yarnpkg.com/matrix-react-sdk/-/matrix-react-sdk-2.3.1.tgz#76ac6f98dfa89d4ceb7c63b31e10b9779bca12fe"
|
||||||
|
integrity sha512-TIiiEIUa891eTdRFCaj18sAFJULBDgbFOvV4upaED/aNXxnHOLV5JjNuYzsmQMEJ6Fmrz5iM0DbWXaADnuZwpQ==
|
||||||
dependencies:
|
dependencies:
|
||||||
"@babel/runtime" "^7.8.3"
|
"@babel/runtime" "^7.8.3"
|
||||||
blueimp-canvas-to-blob "^3.5.0"
|
blueimp-canvas-to-blob "^3.5.0"
|
||||||
|
|
Loading…
Reference in New Issue