hedgedoc

Update quay.io/hedgedoc/hedgedoc Docker tag to v1.10.3

Michi Kofler-Häusler

12 Apr 2025 — 1 min read

No problems upgrading the Docker container with a Docker compse yaml file within Portainer and by means of Watchtower DevOps with dependency update facilitated by Mend's Renovate Bot.

This MR contains the following updates:

Package	Update	Change
quay.io/hedgedoc/hedgedoc (source)	patch	`1.10.2` -> `1.10.3`

Release Notes

hedgedoc/hedgedoc (quay.io/hedgedoc/hedgedoc)

`v1.10.3`: HedgeDoc 1.10.3

Compare Source

Security fixes

This release fixes a security issue of a possible XSS exploit which can be planted via a malicous SVG file upload.

See GHSA-3983-rrqh-mvx5 for more details

Enhancements

Add config options CMD_SAML_WANT_ASSERTIONS_SIGNED and CMD_SAML_WANT_AUTHN_RESPONSE_SIGNED for SAML auth, since
some instances didn't comply with the new defaults of @node-saml/passport-saml

Update docker.io/xwiki Docker tag to v17.2.1

Easy major upgrade of latest stable Docker container by Watchtower infrastructure and manual in-application-upgrade by administration access with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change docker.io/xwiki (changelog) patch 17.2.0-postgres-tomcat -> 17.2.1-postgres-tomcat Release

Update docker.io/metabase/metabase Docker tag to v0.54.3

No problems upgrading the Docker container with a Docker compose yaml file and by means of Watchtower infrastructure with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change docker.io/metabase/metabase patch v0.54.2 -> v0.54.3

Update docker.io/mysql Docker tag to v8.0.42

Successfully upgraded and migrated the Docker container - using the default image - on the Database Host using Watchtower infrastructure with dependency update facilitated by Mend's Renovate Bot. Changes in MySQL 8.0.42 (2025-04-15, General Availability)

Update quay.io/minio/minio Docker tag to RELEASE.2025-04-08T15-41-24Z

Some major upgrade efforts deploying to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change quay.io/minio/minio patch RELEASE.2025-04-03T14-56-28Z ->

Me on Mastodon - This link is here for verification purposes.