Added v24.10.2 post

2024-11-13 12:00:51 +00:00 · 2024-11-13 12:00:51 +00:00 · 54c1c10966
commit 54c1c10966
parent 7b511a541b
3 changed files with 42 additions and 1 deletions
--- a/content/blog/2024/security-release-v24-10-2.md
+++ b/content/blog/2024/security-release-v24-10-2.md
@ -0,0 +1,33 @@
+++ 
+categories = ["Releases"] 
+tags = ["Releases"] 
+title = "BookStack Security Release v24.10.2" 
+date = 2024-11-13T12:00:00Z 
+author = "Dan Brown" 
+image = "/images/blog-cover-images/cc-by-sa-4/fence2-dietmar-rabich.jpg" 
+slug = "bookstack-release-v24-10-2" 
+draft = false 
+++ 
+  
+BookStack v24.10.2 has been released. 
+  
+This is a security release to address a vulnerability in our dependencies where specifically formatted requests could be used to manipulate application configuration in environments where a certain PHP option (register_argc_argv) is enabled. This is not an option that's typically enabled in production web-serving environments, but it's advised to update where uncertain. 
+  
+* [Update instructions](https://www.bookstackapp.com/docs/admin/updates) 
+* [GitHub release page](https://github.com/BookStackApp/BookStack/releases/tag/v24.10.2) 
+  
+### Full List of Changes 
+  
+* Updated application PHP dependencies. 
+* Updated translations with latest Crowdin changes. ([#5317](https://github.com/BookStackApp/BookStack/pull/5317)) 
+  
+### For More Information 
+  
+If you have any questions or comments about this advisory: 
+* Open an issue in [the BookStack GitHub repository](https://github.com/BookStackApp/BookStack/issues). 
+* Ask on the [BookStack Discord chat](https://discord.gg/ztkBqR2). 
+* Follow the [BookStack security policy](https://github.com/BookStackApp/BookStack/blob/development/.github/SECURITY.md) to contact someone privately. 
+  
+---- 
+  
+<span style="font-size: 0.8em;opacity:0.9;">Header Image Credits: <span>Photo by <a href="https://commons.wikimedia.org/wiki/File:D%C3%BClmen,_Kirchspiel,_Wiese_in_der_Bauerschaft_B%C3%B6rnste_--_2016_--_1523-9.jpg">Dietmar Rabich (CC-BY-SA 4.0)</a> - Image Modified</span></span> 
--- a/static/images/blog-cover-images/cc-by-sa-4/attribution.txt
+++ b/static/images/blog-cover-images/cc-by-sa-4/attribution.txt
@ -21,4 +21,9 @@ Image modified in usage (Cropped, resized, sharpened).
 pallastunturi-simo-rasanen.webp 
 Copyright Ximonic (Simo Räsänen) 
 Source: https://commons.wikimedia.org/wiki/File:Path_to_Pallastunturi_in_autumn_color_display,_Muonio,_Lapland,_Finland,_2021_September.jpg 
-Image modified in usage (Resized, sharpened, converted). 
+Image modified in usage (Resized, sharpened, converted). 
+--- 
+fence2-dietmar-rabich.jpg 
+Copyright Dietmar Rabich 
+Source: https://commons.wikimedia.org/wiki/File:D%C3%BClmen,_Kirchspiel,_Wiese_in_der_Bauerschaft_B%C3%B6rnste_--_2016_--_1523-9.jpg 
+Image modified in usage (Cropped, resized, sharpened). 
--- a/static/images/blog-cover-images/cc-by-sa-4/fence2-dietmar-rabich.jpg
+++ b/static/images/blog-cover-images/cc-by-sa-4/fence2-dietmar-rabich.jpg