You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7.5 KiB
7.5 KiB
v10.3.1 - 21 May 2019
Fixes:
- Fix utils.js naming issue
Security:
- CVE-2019-12086 - bump jackson version
v10.3.0 - 20 May 2019
Fixes:
- Fix a javascript null-deref occuring when localstorage isn't available/supported by the browser
- Fix StringIndexOutOfBounds errors thrown by DWR/YUI
- Fix a small resource leak
- Fix #611 Add support for Java 9 and greater
- Fix typo in anonymous user name (#663)
Changes:
- Maven Dependency Updates
- HSQL: Checkpoint/defrag/shutdown optimizations
- HSQL: Log tweaks
- Remove momentjs, pngfix
- Codebase modernization
- Systemd unit hardening
- Remove the external fonts usage
- Update mediaelement from 4.1.1 to 4.2.9
- Remove script.aculo.us dependency
- Add description and viewport meta tags
- Javascript cleanup/optimizations
- Remove Google+ relics
- Remove jquery-contextmenu since it's not used anywhere
- Remove webfx stuff, since they're apparently not used
- Remove WAP-related stuff
- Do not show stack trace for client-side connection errors
- Show more informative messages while streaming
- Replace latin encoding with utf-8
- Don't autocomplete the password field
- Clicking on the logo now redirects to home instead of about
- Remove mentions of subsonic premium
- Add a permission check for the podcast folder
- Replace the double-mustache anti-pattern
- Remove the /db page
- Bump jQuery/jquery-ui to the latest versions
- Replace the flash player with medialement.js for the shared media
- Add system properties for persisting the 'remember me' key
- Replace the usage of prototypejs with jquery in changeCoverArt.jsp
- Add the required keyword to some forms
- Update docker base image to alpine 3.9
Security:
- CVE-2019-10908 Generate new passwords in a secure way
- Fix a xss and clean up some js
- CVE-2019-10907 Use a random key to "encrypt" the remember-me cookie's value
- Use https for external links
- Fix a bunch of dom-based xss
- Add a noopener and noreferrer to external urls
- Avoid logging sensitive URL parameters in the Subsonic API
- Fix various minor issues found by LGTM
v10.2.1 - 18 Feb 2019
Security:
- CVE-2018-20222 Prevent xxe during parse
v10.2.0 - 16 Feb 2019
Fixes:
- Fix #658 again: content type for unscaled images set based on jaudiotagger output
- Reverted
a93a18a
and properly re-encoded with 'native2ascii -encoding UTF-8' - fix issues #638 and #574
- Fix #596 SubStandard theme includes old Subsonic Logo
- Fix themes using dark background with me_js
- Remove potential cast exception
- Fixed github link opening in frame and not loading
- Correct corrupted downloaded zip
- Fix #778: Defragment embedded HSQLDB database more frequently
- PlayQueue: Fix broken keyboard shortcuts
- Fix #860 (external database performance) by using connection pooling … (#864)
Changes:
- Made it easier to see current playing song for dark themes
- Spring Boot 1.5.18
- New add_album to play queue
- Remove margin of media_control bar
- Update to 3.3.0 java-jwt
- catch exceptions ClientAbortException display a short message and return, to avoid the massive useless traceback in log
- Update cxf to 3.1.15
- Issue #164: Show link to MusicBrainz release on album pages
- Handle player id as an Integer instead of Strin
- Add Docker health check
- Use dark media player theme on groove theme (#777)
- Change to optional reCAPTCHA v2
- Optionally parse podcast episode duration in seconds to [hh:]mm:ss
- Add option to disable seeking on transcodes. (Mitigates #548 & #723)
- White list jars that are scanned for tlds to prevent spurious logs
- Tweaked logging around servlet container and added warning about jetty
- Add extended favicons
- Display folders as a list in Settings->Users and include the path.
- Add 32x32 pixeled favicon / updated favicons in webapp
- Updated internal maven plugins
Translation Updates:
- Fixed elipse in english translation
Security:
- Fix #749 Ensure transcode settings are protected
- Bump version of guava to deal with CVE-2018-10237
- Update jackson version
- Fix #764 LDAP Login allows unauthenticated access
Not Fixed:
- #685 - transcoding length issue
v10.1.2 - 28 Aug 2018
Fixes:
- Fix LDAP authentication bypass
v10.1.1 - 16 Dec 2017
Changes:
- Add show-all button on artist landing page
- Upgrade jaudiotagger to 2.2.5 supporting Java 9
Fixes:
- DLNA Recent Albums is just listing albums
- NPE in docker container
- Substandard theme css
- Build error causing Jetty to be default container (should be Tomcat)
Translation Updates:
- English language cleanup
v10.1.0 - 04 Nov 2017
Changes:
- New Jukebox player using javasound api
- Localize artist bios from last.fm
- Use
ffprobe
and notffmpeg
to scrape metadata - Added options for excluding files during scan (symlinks and regex)
- Add "opus" and "mka" extension to default extension list
Fixes:
- Error message readability
- Adding album comment
- Subsonic API wrong error behavior for getAlbumList
- Stop airsonic from creating double slashes in urls.
- Search csrf timeout/expiration
Security:
- CVE-2014-3004 - XML playlist parsing
Translation Updates:
- English
v10.0.1 - 23 Aug 2017
Note that with this release, the jdbc-extra flavored war is now the default and only war.
- Translation updates for French, Bulgarian, German, Italian, Spanish,
- Docker image tweaks
- Some light cleanup/refactorings
- Fixed password reset
- Fixed broken liquibase when airsonic.defaultMusicFolder is modified
v10.0.0 - 06 Aug 2017
- Rebranded to Airsonic
- Replaced JWplayer with MediaElement.js (HTML5 player)
- Upgraded to Subsonic API version 1.15
- Added official Docker image
- Added Airsonic to a Translation service (Weblate)
- Some translations updates (English, French, German, and Russian)
- New login page
- Added additional war with builtin support for external databases
- Improved playlist handling
- DLNA browsing improvements
- Small fixes and improvements
v6.2 - 02 May 2017
- Small fixes
- Release only a month behind schedule! We're improving!
v6.2.beta4 - 25 Apr 2017
- Final fixes in Beta! Release soon
v6.2.beta3 - 08 Apr 2017
- API endpoint security tightening
- More documentation
- Less licensing code
- More cowbell
v6.2.beta2 - 24 Mar 2017
- Add database settings UI
- Documentation improvements
- Lots of spit and polish
v6.2.beta1 - 05 Mar 2017
- Add external database support
- Upgrade to new version of Spring
- Replace subsonic-booter with Spring Boot
- Remove remote-access service and port-forwarding
- Remove vestigial Subsonic licensing calls
- Add a demo site
- Tests and bugfixes and documentation, oh my!
v6.1 - 27 Nov 2016
- First real stable release!
v6.1.beta2 - 19 Nov 2016
- Metaproject: Jenkins builds!
- More documentation
- Translation updates
- Improve shuffling behaviour
- Lots of small fixes, many more to come
v6.1.beta1 - 15 May 2016
- Meant as a release candidate; failed to make it past the Primary election.
v6.1-alpha1 - 14 May 2016
- Search+replace subsonic-->libresonic
- Move out of org.sourceforge.subsonic namespace
- Develop becomes horribly unstable, you shouldn't be using this.
v6.0.1 - 14 May 2016
- First recommended release
- Updated Help/About page text
v6.0 - 1 May 2016
- First release as Libresonic
- Based upon Subsonic 5.3(stable)