listmonk v5.0.2

Repository: @knadh/listmonk

GitHub release page: v5.0.2

v5.0.2 contains an important security update which disables the env and expandenv Sprig template functions preventing accessing of env variables from templates. This affects v4.0.0 - v5.0.1 installations that have unprivileged users in a multi-user setup.

How to upgrade

As always, take a backup of your database before upgrading.

Binary

Download the latest binary. Stop and replace the old binary. Run ./listmonk --upgrade. Start the app again.

Docker

# cd /directory/with/docker-compose.yml



docker-compose down

docker-compose pull && docker-compose run --rm app ./listmonk --upgrade

docker-compose up -d app db

Changelog

• d27d2c3 2 Remove dangerous tpl funcs in Sprig that’s enabled by default.

• 6fc6c1e c Fix Vietnamese translation issues (#2487)

• d6f5292 d Fix subscribers unsubscription status being reset to confirmed on save (#2517)

• 8b8358e 9 Add Nodion Deployment Option (#2518)

• 3f39508 5 updates simples3 to latest version (#2520)

• d027cb5 d Add kloudbean hosting link to static website (#2508)

• bf502ba 7 Update release details on the static homepage.