Prepare changelog for v3.15.0
parent
ebb782062f
commit
24d249555c
16
CHANGELOG.md
16
CHANGELOG.md
|
@ -1,3 +1,19 @@
|
||||||
|
Changes in [3.15.0](https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.15.0) (2021-03-01)
|
||||||
|
=====================================================================================================
|
||||||
|
[Full Changelog](https://github.com/matrix-org/matrix-react-sdk/compare/v3.15.0-rc.1...v3.15.0)
|
||||||
|
|
||||||
|
## Security notice
|
||||||
|
|
||||||
|
matrix-react-sdk 3.15.0 fixes a low severity issue (CVE-2021-21320) where the
|
||||||
|
user content sandbox can be abused to trick users into opening unexpected
|
||||||
|
documents. The content is opened with a `blob` origin that cannot access Matrix
|
||||||
|
user data, so messages and secrets are not at risk. Thanks to @keerok for
|
||||||
|
responsibly disclosing this via Matrix's Security Disclosure Policy.
|
||||||
|
|
||||||
|
## All changes
|
||||||
|
|
||||||
|
* Upgrade to JS SDK 9.8.0
|
||||||
|
|
||||||
Changes in [3.15.0-rc.1](https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.15.0-rc.1) (2021-02-24)
|
Changes in [3.15.0-rc.1](https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.15.0-rc.1) (2021-02-24)
|
||||||
===============================================================================================================
|
===============================================================================================================
|
||||||
[Full Changelog](https://github.com/matrix-org/matrix-react-sdk/compare/v3.14.0...v3.15.0-rc.1)
|
[Full Changelog](https://github.com/matrix-org/matrix-react-sdk/compare/v3.14.0...v3.15.0-rc.1)
|
||||||
|
|
Loading…
Reference in New Issue