Element Android v1.6.12
Changes in Element v1.6.12 (2024-02-20)
This update provides important security fixes, please update now.
Security fixes π
- Add a check on incoming intent. CVE-2024-26131 / GHSA-j6pr-fpc8-q9vm
- Store temporary files created for Camera in a dedicated media folder. CVE-2024-26132 / GHSA-8wj9-cx7h-pvm4
Bugfixes π
- Switch the position and styles of the 'already have an account' and 'create account' buttons in the login splash screen. Also changes the 'already have an account one' to just say 'sign in'. (#+update-login-splash-screen)
- Improve
Event.getClearContent()and fix assignment issue that may help to decrypt last Event in the room list. (#8744) - Fix issues about location Event avatar rendering. (#8749)
What's Changed
- Point to Element security@ address and policy by @davidegirardi in #8735
- Fix release script which download artifact by @bmarty in #8734
- Bump io.element.android:wysiwyg from 2.24.0 to 2.25.0 by @dependabot in #8733
- Bump io.element.android:wysiwyg from 2.25.0 to 2.27.0 by @dependabot in #8745
- [Crypto] Improve Event.getClearContent() and fix assignement issue. by @bmarty in #8744
- Make 'sign in' flow more important in the initial screen by @jmartinesp in #8741
- Location avatar by @bmarty in #8749
- Bump io.element.android:wysiwyg from 2.27.0 to 2.29.0 by @dependabot in #8757
New Contributors
- @davidegirardi made their first contribution in #8735
Full Changelog: v1.6.10...v1.6.12
Contributors
jmartinesp, bmarty, and 2 other contributors