v5.0.2 contains an important security update which disables the env and expandenv Sprig template functions preventing accessing of env variables from templates. This affects v4.0.0 - v5.0.1 installations that have unprivileged users in a multi-user setup.
How to upgrade
As always, take a backup of your database before upgrading.
Binary
Download the latest binary. Stop and replace the old binary. Run ./listmonk --upgrade. Start the app again.
Docker
# cd /directory/with/docker-compose.yml
docker-compose down
docker-compose pull && docker-compose run --rm app ./listmonk --upgrade
docker-compose up -d app dbChangelog
- d27d2c3 Remove dangerous tpl funcs in Sprig that's enabled by default.
- 6fc6c1e Fix Vietnamese translation issues (#2487)
- d6f5292 Fix subscribers unsubscription status being reset to confirmed on save (#2517)
- 8b8358e Add Nodion Deployment Option (#2518)
- 3f39508 updates simples3 to latest version (#2520)
- d027cb5 Add kloudbean hosting link to static website (#2508)
- bf502ba Update release details on the static homepage.