Added new secruity release to updates page

author Dan Brown <redacted>

Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)

committer Dan Brown <redacted>

Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)
author Dan Brown <redacted>
Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)
committer Dan Brown <redacted>
Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)
diff --git a/content/docs/admin/updates.md b/content/docs/admin/updates.md

index 31b70bb43748bf1c65e19664856bb2c479256884..4720ce78f40182ab3949e07721d473dc95a4ed03 100644 (file)
--- a/content/docs/admin/updates.md
+++ b/content/docs/admin/updates.md
@@ -41,6 +41,11 @@ This is primarily a list of breaking changes & security notices.
  Details of updates can be found on [our blog](https://www.bookstackapp.com/blog/) or via 
  the [GitHub releases page](https://github.com/BookStackApp/BookStack/releases).
  
+
+#### Updating to v24.10.2 or higher
+
+**Security - Environment** - v24.10.2 addresses a vulnerability in our dependencies where specifically formatted requests could be used to manipulate application configuration in environments where a certain PHP option (register_argc_argv) is enabled.
+
  #### Updating to v24.05.4 or higher
  
  **Security - LDAP** - v24.05.4 address an issue found in LDAP group syncing which could mean in certain scenarios a user could be matched to extra roles incorrectly.
author	Dan Brown <redacted>
	Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)
committer	Dan Brown <redacted>
	Wed, 13 Nov 2024 12:11:38 +0000 (12:11 +0000)