Closed modmew8 closed 11 months ago
@arnaudroques since PlantUML v1.2023.9
comes with breaking changes w.r.t. ALLOW_PLANTUML_INCLUDE
and PLANTUML_SECURITY_PROFILE
you though about implementing something like plantuml.allowlist.port
here: https://github.com/plantuml/plantuml-server/pull/301#issuecomment-1589988589. Following the further communication, I do not believe that this will be implemented. Was there anything else in favor of holding back the release or should we confront the users with the changes :sweat_smile:
In the mean time v1.2023.10 is release. We could also just skip v1.2023.9
and directly to to version v1.2023.10
.
I assume the version tag
v1.2023.9
was forgotten on the commit that updated the plantuml version tov1.2023.9
Yes, sorry about that...
Anyway, we have just tagged v1.2023.10
so you should be able to upgrade.
Tell us if you have any issues!
Thank you very much!
Hi there!
I stumbled across CVEs that got fixed with plantuml version
v1.2023.9
(CVE-2023-3432 and CVE-2023-3431 in particular) - but the latest version for plantuml-server isv1.2023.8
.After checking the github actions and the last few commits I assume the version tag
v1.2023.9
was forgotten on the commit that updated the plantuml version tov1.2023.9
- but no guarantee, I am not familiar ifv1.2023.9
could possibly not be ready for release on plantuml-server site.Best regards