Release Znuny LTS 6.0.34

Source: https://www.znuny.org/en/releases/znuny-6-0-34

This is the fourth release of Znuny LTS, mainly fixing a critical security issue:
It is possible to collect data by using a mnaipulated e-mail.

In addition to this, several changes provided by the Community are part of this release.

The FAQ package has also been updated, as there is also a vulnerability.
With the appropriate configuration in teh System Configuration it is possible
to linked FAQ content without having the required permission.

The new version of the FAQ is 6.0.29 and is available via the package manager and our download server
More details are available in the advisory.

Note for user of the ITSM package(s):
After updating, the current version 6.0.30 of the ITSM package can still be used.
Updates for ITSM will follow in later versions.

Release type: Security

Changes

Please see the Changes.md on Github

  • Fixed a critical XSS issue in ticket overviews
  • Updated jQuery validate to the latest version
  • Changed configuration for the FAQ link table