Skip to content

1.10.3-ls173

Choose a tag to compare

@LinuxServer-CI LinuxServer-CI released this 19 Nov 19:44
· 10 commits to main since this release
618d79e

CI Report:

https://ci-tests.linuxserver.io/linuxserver/hedgedoc/1.10.3-ls173/index.html

LinuxServer Changes:

Full Changelog: 1.10.3-ls172...1.10.3-ls173

Remote Changes:

Security fixes

This release fixes a security issue of a possible XSS exploit which can be planted via a malicous SVG file upload.

See CVE-2025-32391 for more details

Enhancements

  • Add config options CMD_SAML_WANT_ASSERTIONS_SIGNED and CMD_SAML_WANT_AUTHN_RESPONSE_SIGNED for SAML auth, since
    some instances didn't comply with the new defaults of @node-saml/passport-saml