]> BookStack Code Mirror - website/blob - content/blog/2021/security-release-v21-11-3.md
projects / website / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Actualiser content/docs/admin/installation.md
[website] / content / blog / 2021 / security-release-v21-11-3.md
1 +++
2 categories = ["Releases"]
3 tags = ["Releases"]
4 title = "BookStack Security Release v21.11.3"
5 date = 2021-12-15T13:00:00Z
6 author = "Dan Brown"
7 image = "/images/blog-cover-images/unsplash/door-lock-lucas-santos.jpg"
8 slug = "bookstack-release-v21-11-3"
9 draft = false
10 +++
11
12 BookStack v21.11.3 has been released.
13 This is a security release that helps prevent potential discovery and harvesting of user
14 details including name and email address.
15
16 It's advised to upgrade as soon as possible if your BookStack instance is public or
17 is used by untrusted members.
18
19 * [Update instructions](https://www.bookstackapp.com/docs/admin/updates)
20 * [GitHub release page](https://github.com/BookStackApp/BookStack/releases/tag/v21.11.3)
21
22 Thanks to @haxatron for discovering and reporting this vulnerability via huntr.dev.
23
24 ### Full List of Changes
25
26 * Helped prevent discovery and harvesting of user information. Thanks @haxatron for reporting. ([#3108](https://github.com/BookStackApp/BookStack/issues/3108))
27 * Updated search API results to include the highlighted preview content. ([#3096](https://github.com/BookStackApp/BookStack/issues/3096))
28 * Updated search API results to include item URL. ([#3080](https://github.com/BookStackApp/BookStack/issues/3080))
29 * Updated translations with latest Crowdin changes. ([#3093](https://github.com/BookStackApp/BookStack/pull/3093))
30
31
32 ### For More Information
33
34 If you have any questions or comments about this advisory:
35 * Open an issue in [the BookStack GitHub repository](https://github.com/BookStackApp/BookStack/issues).
36 * Ask on the [BookStack Discord chat](https://discord.gg/ztkBqR2).
37 * Follow the [BookStack security policy](https://github.com/BookStackApp/BookStack/blob/development/.github/SECURITY.md) to contact someone privately.
38
39 ----
40
41 <span style="font-size: 0.8em;opacity:0.9;">Header Image Credits: <span>Photo by <a href="https://unsplash.com/@_staticvoid?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText">Lucas Santos</a> on <a href="https://unsplash.com/?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText">Unsplash</a></span></span>
The source for the BookStack website, docs and blog.