Self-Managed Server 4.1.3
Released on Aug 21, 2023.
Downloads
Windows MSI | Download | Installation instructions |
Ubuntu/Debian | Download | Installation instructions |
Self-contained JAR | Download | Installation instructions |
Docker | Docker Hub | Installation instructions |
Release notes
Fixes
- AI-3655 Fix failed password throttling in self-managed server
- AI-3652 Fully enforce Content-Security Policy (switch from Content-Security-Policy-Report-Only to Content-Security-Policy header)
- AI-3654 Limit the number of personal API tokens to 10 tokens per user
Additional configuration options
This release also includes additional, optional, security measures can be enabled through configuration:
- AI-3653 Enable Strict Transport Security through configuration (recommended)
- AI-3657 Allow disabling account disclosure through config.ini (not recommended)
- AI-3658 Enable X-XSS-Protection header when enabled in config.ini (not recommend)
Upgrade notes
If you are upgrading from an earlier version of the standalone server and using HTTPS Proxy Mode, ensure your proxy server is passing the X-Real-IP
header to ensure that the server can properly throttle failed login attempts by IP address.