Kanboard 1.2.49

Changes

Security

• Fixed an LDAP injection issue by properly escaping placeholders in LDAP queries.
• Prevented protocol-relative URLs (//example.com) from being used as login redirect targets.
• Added a new TRUSTED_PROXY_NETWORKS configuration option to explicitly define trusted reverse proxy networks.
• Introduced an optional security feature to block private network access when fetching external web links (configurable).

Improvements

• Restored Ctrl + Enter keyboard shortcut for submitting the task creation form.
• Updated translations for multiple languages.

Maintenance

• Added a GitHub Actions workflow to mirror the repository to Codeberg.
• Removed an outdated tests/Dockerfile.
• Regenerated Composer autoload files.

Build & Dependencies

• Updated Alpine Linux base image from 3.22 to 3.23.

• Updated GitHub Actions dependencies:

• actions/checkout from v5 to v6

• actions/upload-artifact from v4 → v5 → v6

Links

• https://github.com/kanboard/kanboard/tree/v1.2.49
• https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.49.zip
• https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.49.tar.gz

Docker Images

• docker pull docker.io/kanboard/kanboard:v1.2.49
• docker pull ghcr.io/kanboard/kanboard:v1.2.49
• docker pull quay.io/kanboard/kanboard:v1.2.49