CKAN 2.10.7

Titlev.2.10.7 2025-02-05
Version2.10.7
Release Date2025-02-05
Changes
Show details

Migration notes

  • Going forward, if both ckan.upload.[type].mimetypes and ckan.upload.[type].types are empty, no uploads will be allowed for this object type (e.g. user or group). It previoulsy meant that all file types were allowed. To keep the old behaviour use the string * as value in both options (this is dangerous and not recommended).

Minor changes

  • Adapt login failure message if reCAPTCHA is enabled (#8627 <https://github.com/ckan/ckan/pull/8627>_)
  • Update release process docs (#8586 <https://github.com/ckan/ckan/pull/8586>_)
  • Support 2.11 version of the Solr schema in CKAN 2.10 (5acfeda6e)

Bugfixes

  • CVE-2025-24372 <https://github.com/ckan/ckan/security/advisories/GHSA-7pq5-qcp6-mcww>_: Fix potential XSS vector through user and group/organization images.
  • Invalidate cached pages and load fresh ones if cookies change (#6955 <https://github.com/ckan/ckan/pull/6955>_)
  • Fix check_access order for resource create view (#8588 <https://github.com/ckan/ckan/pull/8588>_)
  • Fix auth check for datastore data dictionary view (#8639 <https://github.com/ckan/ckan/pull/8639>_)
Url Ckangeloghttps://github.com/ckan/ckan/blob/master/CHANGELOG.rst#v2107-2025-02-05