Merge tag '4.7.17.5' into develop

4.7.17.5 # Conflicts: # resources/views/v1/transactions/convert.twig
2025-02-20 11:48:27 -06:00 · 2019-08-02 20:59:57 +02:00 · 2019-08-02 20:59:57 +02:00 · ca9f8b56f7
commit ca9f8b56f7
parent 3435cb937c ece0c99dbb
6 changed files with 15 additions and 7 deletions
--- a/.sandstorm/changelog.md
+++ b/.sandstorm/changelog.md
@ -1,6 +1,10 @@
+# 4.7.17.5 (API 0.9.2)
+
+- Several XSS issues, found by [@0x2500](https://github.com/0x2500).
+
 # 4.7.17.4 (API 0.9.2)

- Several XSS issues, found by [@dayn1ne](https://github.com/dayn1ne).
+- Several XSS issues, found by [@0x2500](https://github.com/0x2500).

 # 4.7.17.3 (API 0.9.2)

--- a/.sandstorm/sandstorm-pkgdef.capnp
+++ b/.sandstorm/sandstorm-pkgdef.capnp
@ -15,8 +15,8 @@ const pkgdef :Spk.PackageDefinition = (

  manifest = (
    appTitle = (defaultText = "Firefly III"),
-    appVersion = 30,
-    appMarketingVersion = (defaultText = "4.7.17.4"),
+    appVersion = 31,
+    appMarketingVersion = (defaultText = "4.7.17.5"),

    actions = [
      # Define your "new document" handlers here.
--- a/.travis.yml
+++ b/.travis.yml
@ -1,7 +1,7 @@
 sudo: required
 language: bash
 env:
-  - VERSION=4.7.17.4
+  - VERSION=4.7.17.5

 dist: xenial

--- a/changelog.md
+++ b/changelog.md
@ -2,10 +2,15 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).

+## [4.7.17.5 (API 0.9.2)] - 2019-08-02
+
+### Security
+- Several XSS issues, found by [@0x2500](https://github.com/0x2500).
+
 ## [4.7.17.4 (API 0.9.2)] - 2019-08-02

 ### Security
- Several XSS issues, found by [@dayn1ne](https://github.com/dayn1ne).
+- Several XSS issues, found by [@0x2500](https://github.com/0x2500).

 ## [4.7.17.3 (API 0.9.2)] - 2019-07-16

--- a/config/firefly.php
+++ b/config/firefly.php
@ -125,7 +125,7 @@ return [
        'is_demo_site'     => false,
    ],
    'encryption'                   => null === env('USE_ENCRYPTION') || env('USE_ENCRYPTION') === true,
-    'version'                      => '4.7.17.4',
+    'version'                      => '4.7.17.5',
    'api_version'                  => '0.9.2',
    'db_version'                   => 10,
    'maxUploadSize'                => 15242880,
--- a/resources/views/v1/transactions/convert.twig
+++ b/resources/views/v1/transactions/convert.twig
@ -16,7 +16,6 @@
                        <h3 class="box-title">{{ ('convert_options_'~sourceType.type~destinationType.type)|_ }}</h3>
                    </div>
                    <div class="box-body">
-
                        <p>
                            {# ONE: WITHDRAWAL TO DEPOSIT #}
                            {% if sourceType.type == 'Withdrawal' and destinationType.type == 'Deposit' %}