From c1be5e676679752ba54d30be54c2c84a5cd46d21 Mon Sep 17 00:00:00 2001 From: Tim Abbott Date: Thu, 15 May 2025 15:21:33 -0700 Subject: [PATCH] Release Zulip Server 10.3. --- docs/overview/changelog.md | 39 ++++++++++++++++++++++++++++++++------ version.py | 4 ++-- 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/docs/overview/changelog.md b/docs/overview/changelog.md index 83d33dd073..b7d6e670f1 100644 --- a/docs/overview/changelog.md +++ b/docs/overview/changelog.md @@ -7,11 +7,35 @@ up-to-date list of all changes. ## Zulip Server 10.x series -- Added support for using PostgreSQL 17 as the database. See the - [PostgreSQL upgrade - documentation](../production/upgrade.md#upgrading-postgresql) if - you’re interested in upgrading an existing server to newer - PostgreSQL. +### Zulip Server 10.3 + +_Released 2025-05-15_ + +- CVE-2025-47930: Restrictions on creating public or private channels + were incorrectly not applied when editing the chanenl type for an + existing channel. This issue only impacted configurations where + users could create private channels but not public channels, or vice + versa. +- Fixed an important bug where the LDAP integration could corrupt + system groups when changing a user’s role, resulting in permissions + not being applied correctly. This release also contains a migration + that corrects the corrupted state for affected systems. +- Fixed a bug where uploaded files were incorrectly inaccessible to + users previewing a private channel that they had permission to join. +- Fixed multiple live update bugs related to archiving/unarchiving + channels or losing access to a channel. +- Fixed sorting of message IDs in the `unread_msgs` API. +- Fixed appearance of the top-of-message-feed loading spinner with + non-default font sizes. +- Fixed several glitches with save/discard buttons in organization + settings, and updated visual design. +- Added the `manage.py thumbnail` management command. This management + command supports generating thumbnails for legacy images that were + uploaded prior to the introduction of thumbnailing in Zulip + 9.0. This tools shares its queue with thumbnailing of newly sent + images, so be careful when enqueuing large numbers of images at + once. +- Updated translations. ### Zulip Server 10.2 @@ -33,7 +57,10 @@ _Released 2025-04-15_ profiles. - Fixed compatibility issues between the new `tusd` -based file upload backend and using a non-default port for the Zulip server. -- Added support for PostgreSQL 17. +- Added support for PostgreSQL 17. See the [PostgreSQL upgrade + documentation](../production/upgrade.md#upgrading-postgresql) if + you’re interested in upgrading an existing server to newer + PostgreSQL. - Direct message conversations are now allowed to wrap to two lines in the left sidebar using a 2-line format, just like topics. - Fixed an important server availability bug involving thumbnails for large diff --git a/version.py b/version.py index 3604187529..5d6b3f38aa 100644 --- a/version.py +++ b/version.py @@ -1,6 +1,6 @@ import os -ZULIP_VERSION = "10.2+git" +ZULIP_VERSION = "10.3" # Add information on number of commits and commit hash to version, if available zulip_git_version_file = os.path.join( @@ -14,7 +14,7 @@ ZULIP_VERSION = lines.pop(0).strip() ZULIP_MERGE_BASE = lines.pop(0).strip() LATEST_MAJOR_VERSION = "10.0" -LATEST_RELEASE_VERSION = "10.2" +LATEST_RELEASE_VERSION = "10.3" LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.com/zulip-server-10-0" # Versions of the desktop app below DESKTOP_MINIMUM_VERSION will be