Re: pgAdmin 4 v4.28 released - Mailing list pgadmin-support
| From | Dave Page |
|---|---|
| Subject | Re: pgAdmin 4 v4.28 released |
| Date | |
| Msg-id | CA+OCxow8V8sQPLVQRowWd1YRphd29PiYDoBPMP6CXd1S9Fdbzw@mail.gmail.com Whole thread Raw |
| In response to | Re: pgAdmin 4 v4.28 released (richard coleman <rcoleman.ascentgl@gmail.com>) |
| Responses |
Re: pgAdmin 4 v4.28 released
(richard coleman <rcoleman.ascentgl@gmail.com>)
|
| List | pgadmin-support |
On Thu, Nov 12, 2020 at 4:13 PM richard coleman <rcoleman.ascentgl@gmail.com> wrote:
Dave,Thanks, but I expected that once an issue makes it into a release, and a release announcement, that the veil is pulled back.
It has been - we just forgot with this one. There are a lot of moving parts in a release, and that's one that can't easily be automated.
rik.On Thu, Nov 12, 2020 at 11:05 AM Dave Page <dpage@pgadmin.org> wrote:Richard,On Thu, Nov 12, 2020 at 3:59 PM richard coleman <rcoleman.ascentgl@gmail.com> wrote:Hi All,The release notes list:Issue #5919 - Added security related enhancements.But this issue does not show up on the list of issues and following the link returns a 403 error. What exactly was included in this change?The issue (like all security issues) was marked as private. We make the public following the release, which has now been done. The commit lists the following changes:Added following security enhancements:
1) Added ALLOWED_HOSTS list to limit the host address.
2) Added CSP and HSTS security header.
3) Hide the webserver/ development framework version.It doesn't seem exactly transparent that secret changes are being made to this program.We almost always make security changes in secret, in much the same way as other Open Source projects (e.g. PostgreSQL) do. That is to help protect users by not advertising potential vulnerabilities before fixes are available.Thanks,rik.On Thu, Nov 12, 2020 at 6:34 AM Akshay Joshi <akshay.joshi@enterprisedb.com> wrote:The pgAdmin Development Team is pleased to announce pgAdmin 4 version 4.28.
This release of pgAdmin 4 includes 19 bug fixes and new features. For more details please see the release notes at:
https://www.pgadmin.org/docs/pgadmin4/4.28/release_notes_4_28.html.pgAdmin is the leading Open Source graphical management tool for PostgreSQL. For more information, please see:
https://www.pgadmin.org/
Notable changes in this release include:
- Added support to download utility files at the client-side.
- Added support to rename query tool and debugger tabs title.
- Added support for dynamic tab size.
- Added tab title placeholder for Query Tool, View/Edit Data, and Debugger.
- Added support to compare schemas and databases in schema diff.
- Ensure that non-superuser should be able to debug the function.
- Ensure that query history should be listed by date/time in descending order.
- Ensure that Grant Wizard should include foreign tables.
- Ensure that search object functionality works with case insensitive string.
Builds for Windows and macOS are available now, along with a Python Wheel,
Docker Container, RPM, DEB Package, and source code tarball from:--Akshay JoshipgAdmin Project--
pgadmin-support by date: