Version 3.0.3

Released: August 17, 2018

Changes

Program code

• Tags app: Add explicit post action redirect for the tag attach and tag remove actions when working on a single document.

Security

• Tags app: Add explicit casting of escaped tag labels to prevent exploit of cross site scripting. Thanks to Lokesh (@lokesh1095) for the report and proposed solutions. Closes GitLab issue #496.

Removals

• None

Upgrading from a previous version

Using PIP

Type in the console:

$ pip install mayan-edms==3.0.3

the requirements will also be updated automatically.

Using Git

If you installed Mayan EDMS by cloning the Git repository issue the commands:

$ git reset --hard HEAD
$ git pull

otherwise download the compressed archived and uncompress it overriding the existing installation.

Next upgrade/add the new requirements:

$ pip install --upgrade -r requirements.txt

Common steps

Migrate existing database schema with:

$ mayan-edms.py performupgrade

Add new static media:

$ mayan-edms.py collectstatic --noinput

The upgrade procedure is now complete.

Backward incompatible changes

• None

Bugs fixed or issues closed

• GitLab issue #496 Persistent Cross Site Scripting