ghost

Update docker.io/ghost Docker tag to v6.11.0

Michi Kofler-Häusler

Michi Kofler-Häusler

1 min read
Update docker.io/ghost Docker tag to v6.11.0
Photo by Tandem X Visuals / Unsplash

On both domains I upgraded Ghost successfully by means of Watchtower Docker container update with dependency update facilitated by Mend's Renovate Bot.

This MR contains the following updates:

Package Update Change
docker.io/ghost minor 6.10.3 -> 6.11.0

Release Notes

TryGhost/Ghost (docker.io/ghost)

v6.11.0: 6.11.0

Compare Source

  • 🔒 Fixed staff token authorization bypass via trailing slash mismatch (#​25805) - Michael Barrett
  • 🔒 Fixed potential SSRF via media inliner (#​25807) - Michael Barrett
  • 🔒 Fixed SQL injection vulnerability in click event query (#​25804) - Michael Barrett
  • 🔒 Fixed ability to bypass Staff User 2FA flow (#​25806) - Michael Barrett
  • ✨ Added warning when a post's size exceeds email clients clipping length (#​25798) - Kevin Ansfield
  • ✨ Added Admin API endpoint for browsing all comments (#​25700) - Rob Lester
  • 🐛 Fixed overly permissive publication locale setting (#​25774) - Jannis Fedoruk-Betschki
  • 🐛 Fixed missing member discount data after migrations (#​25720) - Sag
  • 🌐 Update Portuguese translations for Portal (#​25704) - Mateus Ribeiro

View the changelog for full details: https://github.com/tryghost/ghost/compare/v6.10.3...v6.11.0

Read more

Me on Mastodon - This link is here for verification purposes.