A platform to create documentation/wiki content built with PHP & Laravel
This release contains the following fixes and changes:
This release contains the following fixes and changes:
commonmark_environment_configure
event argument and return types have changed. Please see the event definition to understand the new types if using this logical theme system event.This is a security release that addresses a potential vulnerability in PDF generation that could be used to make server-side requests or run potential other PHP code.
Upgrade is advised where untrusted users have permission to create page content in your instance.
From testing, it appears that successful exploitation of this would require either the disabling of BookStack default security options, or access to the host machine system, but out of caution we're advising upgrade in any environment as specified above.
php artisan migrate
upgrade step may take extra time to run, especially where there are a lot of content and/or roles in the system.This release contains the following fixes and changes: