diff options
author | Micah Lee <micah@micahflee.com> | 2022-01-17 09:56:23 -0800 |
---|---|---|
committer | Micah Lee <micah@micahflee.com> | 2022-01-17 09:56:23 -0800 |
commit | 92092b8c34b62533c9be46592e819d4d6f3a8466 (patch) | |
tree | 237a0e8bf590edec996fd23c9e1a74f3a105b279 | |
parent | c8ea7702232d68c81521f0755d9e55c5211807bd (diff) | |
download | onionshare-92092b8c34b62533c9be46592e819d4d6f3a8466.tar.gz onionshare-92092b8c34b62533c9be46592e819d4d6f3a8466.zip |
Update changelog
-rw-r--r-- | CHANGELOG.md | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 442f688f..ce455a45 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # OnionShare Changelog +## 2.5 + +* Security fix: Sanitize the path parameter in History item widget to be plain text +* Security fix: Use microseconds in Receive mode directory creation to avoid potential DoS +* Security fix: Several hardening improvements for session and username management in Chat mode, to prevent impersonation and other issues +* Major feature: Obtain bridges from Moat / BridgeDB (over a domain-fronted Meek client) +* Major feature: Snowflake bridge support +* New feature: Tor connection settings, as well as general settings, are now Tabs rather than dialogs +* New feature: User can customize the Content-Security-Policy header in Website mode +* New feature: Built-in bridges are automatically updated from Tor's API when the user has chosen to use them +* Switch to using our `stem` fork called `cepa`, which is now published on Pypi so we can build it in releases +* Various bug fixes + ## 2.4 * Major feature: Private keys (v3 onion client authentication) replaces passwords and HTTP basic auth |