Skip to content

v1.5.15

Choose a tag to compare

View all tags
@RiotRobot RiotRobot released this 01 Apr 14:30
· 60456 commits to develop since this release
v1.5.15
This tag was signed with the committer’s verified signature. The key has expired.
RiotRobot ElementRobot
GPG key ID: F6151806032026F9
Expired
Verified
Learn about vigilant mode.
0cfdc7b

Full Changelog

Security notice

The jitsi.html widget wrapper introduced in Riot 1.5.14 could be used to extract user data by tricking the user into adding a custom widget or opening a link in the browser used to run Riot. Jitsi widgets created through Riot UI do not pose a risk and do not need to be recreated.

It is important to purge any copies of Riot 1.5.14 so that the vulnerable jitsi.html wrapper from that version is no longer accessible.

All changes

  • Upgrade React SDK to 2.3.1 for Jitsi fixes
  • Fix popout support for jitsi widgets
    #12980
Assets 5
Loading