Commit 72659b09 authored by Daniel Gerhardt's avatar Daniel Gerhardt

Release version 2.4.1

parent 098902f9
# Changelog
## 2.4.1
This release fixes a security vulnerability caused by the CORS implementation.
Origins allowed for CORS can now be set in the configuration via
`security.cors.origins`. (Reported by Rainer Rillke at Wikimedia)
Additionally, authentication via disabled services is now entirely blocked to
fix a security vulnerability allowing guest access despite the setting
`security.guest.enabled=false`. (Reported by Rainer Rillke at Wikimedia)
Additional changes:
* Libraries have been upgraded to fix potential bugs
## 2.3.3
This release fixes a security vulnerability caused by the CORS implementation.
Origins allowed for CORS can now be set in the configuration via
......
......@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>de.thm.arsnova</groupId>
<artifactId>arsnova-backend</artifactId>
<version>2.4.1-SNAPSHOT</version>
<version>2.4.1</version>
<packaging>war</packaging>
<properties>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment