From: Go MAEDA Date: Mon, 26 Apr 2021 14:12:44 +0000 (+0000) Subject: Updates for 4.0.9 release. X-Git-Tag: 4.0.9~1 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=6ef783417e9167aed0f66c0a8d25a8bf9b2d7a44;p=redmine.git Updates for 4.0.9 release. git-svn-id: http://svn.redmine.org/redmine/branches/4.0-stable@20977 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/doc/CHANGELOG b/doc/CHANGELOG index 0d489451a..574cc1deb 100644 --- a/doc/CHANGELOG +++ b/doc/CHANGELOG @@ -4,6 +4,27 @@ Redmine - project management software Copyright (C) 2006-2021 Jean-Philippe Lang https://www.redmine.org/ +== 2021-04-26 v4.0.9 + +=== [Gems support] + +* Patch #34969: Remove dependency on MimeMagic + +=== [Rails support] + +* Patch #34966: Update Rails to 5.2.5 + +=== [Security] + +* Defect #34367: Allowed filename extensions of attachments can be circumvented +* Defect #34950: SysController and MailHandlerController are vulnerable to timing attack +* Defect #35045: Mail handler bypasses add_issue_notes permission +* Defect #35085: Arbitrary file read in Git adapter + +=== [UI] + +* Patch #34955: Update copyright year in the footer to 2021 + == 2021-03-21 v4.0.8 === [Accounts / authentication] diff --git a/lib/redmine/version.rb b/lib/redmine/version.rb index eac3682b1..b7f15c675 100644 --- a/lib/redmine/version.rb +++ b/lib/redmine/version.rb @@ -5,7 +5,7 @@ module Redmine module VERSION MAJOR = 4 MINOR = 0 - TINY = 8 + TINY = 9 # Branch values: # * official release: nil