Jirafeau 4.6.3 is ready

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 38b4a3fb793f5565f989e10431e79dae3f94824d..a00d820ee78e371bdfd9fdf0758bc80dd577af06 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,7 +12,7 @@
 5. Follow the installation wizard, it should propose you the same data folder or even update automatically
 6. Check your `/lib/config.local.php` and compare it with the `/lib/config.original.php` to see if new configuration items are available. If a new item is missing in your `config.local.php`, this may trigger some errors as Jirafeau may expect to have them.
 
-## Version 4.6.3 (not yet released)
+## Version 4.6.3
 
 - Fixed the possibility to bypass the checks for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110) and [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326) (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image/png,text/html". When doing the preview, the MIME type "text/html" takes precedence and you can execute for example JavaScript code.
 - Compare password hashes using `hash_equals()`

diff --git a/lib/settings.php b/lib/settings.php
index cbdfaff47097ab6dc6d59c09ab5654e09d3bcf9c..cc4a9b2cd9ff52a55b98f489c05db7e02e237d05 100644 (file)
--- a/lib/settings.php
+++ b/lib/settings.php
@@ -43,7 +43,7 @@ if ($cfg['debug'] === true) {
 
 /* Jirafeau package */
 define('JIRAFEAU_PACKAGE', 'Jirafeau');
-define('JIRAFEAU_VERSION', '4.6.x-dev');
+define('JIRAFEAU_VERSION', '4.6.3');
 
 define('JIRAFEAU_WEBSITE', 'https://gitlab.com/jirafeau/Jirafeau');