Zulip v2.1.7 Release Notes
Release Date: 2020-06-26 // almost 4 years ago-
2.1.7 -- 2020-06-25
- CVE-2020-15070: Fix privilege escalation vulnerability with custom
profile fields and direct write access to Zulip's postgres database. - 🔄 Changed default memcached authentication username to zulip@localhost,
🛠 fixing authentication problems when servers change their hostname.
- CVE-2020-15070: Fix privilege escalation vulnerability with custom