ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00

History

Fabien O'Carroll b6be89a44f 🔒 Fixed member email change vulnerability refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr This updates the signup/signin flow for members to no longer support the email address change flow - which had missing authentication. It has been replaced with a dedicated email change flow, and Portal has been updated to use it.		2021-09-23 10:46:00 +01:00
..
adapters	Improved JSDoc in default scheduler	2020-12-16 17:25:05 +13:00
api	🔒 Added a way to hide the secret settings once they are set	2021-04-16 17:34:33 +01:00
data	Fixed typo in migration to add backupContent permission (#12776 )	2021-03-18 14:51:11 +00:00
lib	Updated links to ghost.org sites	2021-01-20 09:59:45 +13:00
models	🐛 Fixed Member model removing labels when unset	2021-02-08 09:44:47 +00:00
public	✨ Enabled Portal (#12317 )	2020-11-03 14:36:21 +05:30
services	🔒 Added a way to hide the secret settings once they are set	2021-04-16 17:34:33 +01:00
translations	Updated links to ghost.org sites	2021-01-20 09:59:45 +13:00
views
web	🔒 Fixed member email change vulnerability	2021-09-23 10:46:00 +01:00
analytics-events.js
ghost-server.js	🐛 Fixed EADDRINUSE error handling on NodeJS >=13 (#12591 )	2021-02-16 13:21:21 +00:00
index.js	Prevented scheduling of recurring analytics jobs when not using emails (#12441 )	2020-12-02 08:17:44 +00:00
overrides.js	Improved threading performance on non-SQLite clients	2020-11-30 13:27:40 +13:00
update-check.js