Iceshrimp v2023.12.14
This is a stable release containing a critical security fix, as well as several lower severity security fixes.
Upgrading is strongly recommended for all server operators.
Highlights:
- A XSS vulnerability related to parsing of relative URLs has been fixed
- Media URLs are now always proxied, no matter the protocol in use
- AiScript endpoints are now validated more strictly
- Negative values for MFM scale nodes are now clamped
- Profile fields are now rendered as HTML for federation
- Summaly has been updated, resolving a SSRF vulnerability
Check out the full changelog for more information on this release.
Iceshrimp Updates Bot
@iceshrimp_updates@meow.company