Release version 2.6.1

Bug fixes:
* Fixed exception at startup caused by missing migration document.
* Fixed session export to correctly include all answers.

Additional changes:
* Libraries have been upgraded to fix potential bugs.

Release version 2.6.0

Features:
* Experimental support for CouchDB 2 has been added. Note: The data
  migration script is not compatible with CouchDB 2 and has to be run
  before an upgrade.

Improvements:
* Error handling and logging has been improved. It should now be easier
  to find the cause of problems. API error responses now contain the
  name of the `Exception` which caused the error. Further details for
  debugging purposes can be enabled with the new
  `api.expose-exception-messages` setting (Do NOT enable in production
  environments!).
* Updated OAuth handling to restore compatibility with 3rd-party login
  services.

Bug fixes:
* Fixed multiple bugs caused by incorrect type handling in the database
  layer.
* Fixed XFO header check behind reverse proxy (used by clients when
  embedding external websites).
* Fixed rounding error in learning progress calculation.
* Fixed `security.cors.origins` setting.
* Fixed import of data from older versions.

Security:
* Fixed DoS vulnerability in authentication handling behind reverse
  proxy.

Configuration changes:
Minor changes to the web server and Tomcat proxy configuration are
required (see [installation guide](src/site/markdown/installation.md)).

Release version 2.5.7

This is a maintenance release which only brings libraries up to date to
fix potential bugs.

Release version 2.5.6

This is a maintenance release which only brings libraries up to date to
fix potential bugs.

Release version 2.5.5

This is a maintenance release which only brings libraries up to date to
fix potential bugs.

Release version 2.5.4

This is a maintenance release which only brings libraries up to date to
fix potential bugs.

Release version 2.5.3

This is a maintenance release which only brings libraries up to date to fix
potential bugs.

Release version 2.5.2

This is a maintenance release which only brings libraries up to date to
fix potential bugs.

Release version 2.5.1

This release fixes a performance issue on session creation affecting
large installations.

Bug fixes:
* Session import works again.

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.4.3

This release fixes a performance issue on session creation affecting
large installations.

Bug fixes:
* WebSocket communication now works correctly for course sessions.
  (only affects installations using the LMS connector)
* The configuration parameter `security.facebook.allowed-roles` is now
  respected.

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.5.0

Major features:
* Administration API: New endpoints have been added which are accessible
  by users defined by `security.admin-accounts`.
* Evaluation of free text answers
* Proxy support for WebSocket connections: It is now possible to use the
  same port for standard HTTP requests and WebSocket connections.
  Additionally, it is no longer necessary to setup a Java key store for
  TLS if a proxy is used.
* Auto-deletion of inactive (not activated) users and guest sessions

Minor features and changes:
* Caching improvements
* New use case including only comments
* Export of questions to arsnova.click format
* Export/import of flashcards to/from arsnova.cards format
* Flashcards are now handled separately from questions

Configuration changes:
* `socketio.ip` has been replaced by `socketio.bind-address`
* `security.ssl` has been removed. `security.keystore` and
  `security.storepass` have been replaced by `socketio.ssl.jks-file` and
  `socketio.ssl.jks-password`.
* New setting: `socketio.proxy-path`
* The default port for WebSocket connections has been changed to `8090`

With this release we have completely overhauled our
[documentation](README.md). Additionally, we now provide
[Docker images](https://github.com/thm-projects/arsnova-docker/).

Release version 2.4.2

This release fixes a minor security vulnerability which allowed an
attacker to remove a MotD from a session without being the creator.

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.3.4

This release fixes a minor security vulnerability which allowed an
attacker to remove a MotD from a session without being the creator.

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.4.1

This release fixes a security vulnerability caused by the CORS
implementation. Origins allowed for CORS can now be set in the
configuration via `security.cors.origins`. (Reported by Rainer Rillke at
Wikimedia)

Additionally, authentication via disabled services is now entirely
blocked to fix a security vulnerability allowing guest access despite
the setting `security.guest.enabled=false`. (Reported by Rainer Rillke
at Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.3.3

This release fixes a security vulnerability caused by the CORS
implementation. Origins allowed for CORS can now be set in the
configuration via `security.cors.origins`. (Reported by Rainer Rillke at
Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.2.2

This release fixes a security vulnerability caused by the CORS
implementation. Origins allowed for CORS can now be set in the
configuration via `security.cors.origins`. (Reported by Rainer Rillke at
Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.1.2

This release fixes a security vulnerability caused by the CORS
implementation. Support for cross-origin requests has been removed. Use
ARSnova version 2.2 or newer for proper CORS. (Reported by Rainer Rillke
at Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.0.4

This release fixes a security vulnerability caused by the CORS
implementation. Support for cross-origin requests has been removed. Use
ARSnova version 2.2 or newer for proper CORS. (Reported by Rainer Rillke
at Wikimedia)

Additional changes:
* Libraries have been upgraded to fix potential bugs

Release version 2.4.0

Major features:
* Support for new use case and feature settings has been added.

Minor features and changes:
* New API endpoints have been added to reduce requests on session
  imports.
* Session use case and feature settings are now included in exports and
  imports.
* Authentication providers can now be enabled separately for students
  and lecturers.
* A new suspended votes offset setting has been added.
* JSON export and import now include session info and feature settings.

Bug fixes:
* Deleted sessions are now correctly evicted from cache.
* Answer count calculation for free text questions has been fixed.

Release version 2.3.2

This release fixes a security vulnerability in the account management
API. It is highly recommended to upgrade if you are using database
authentication.

Additional changes:
* Libraries have been upgraded to fix potential bugs