Update Info


Security update for cherrytree

Type: security
Severity: moderate
Issued: 2022-12-04
cherrytree was updated to version 0.99.49+3:

  * Legacy_canonicalize_filename: manage empty filename,
  * added command line option '--anchor AnchorName' that in
    addition to existing '--node NodeName' allows to open a
    document focusing an anchor in a node.
  * Changed non configurable keyboard shortcuts for codebox width
    and table column width to use parenthesis open instead of
    backslash, (gh#giuspen/cherrytree#2113).
  * Fixed crash on double exit from systray icon right click menu,
  * Added keyboard shortcuts to toolbar tooltips,
  * Fixed export to HTML crash, (gh#giuspen/cherrytree#2109).
  * Force turning off portal usage since it does not work on all
    distros, (gh#giuspen/cherrytree#2111).
  * Improved dialog confirmation before executing the code.
  * Additonal changes for core22, (gh#giuspen/cherrytree#2110).
  * Allow to disable the dialog asking for confirmation before
    executing the code.
  * Fixed bulleted list unindent (Shift+Tab) crash,
  * Add home plug, (gh#giuspen/cherrytree#2101 and
  * Linux menu launcher run cherrytree in a new instance,
  * Fixed crash on print/export as pdf of a sequence of characters
    without spaces longer that the page width, such as a very long
    URL, (gh#giuspen/cherrytree#2045).
  * Fixed wrongly entering column mode when using keyboard
    shortcuts with <Ctrl><Alt> such as insert codebox,
  * Added syntax highlighting support for GDScript.
  * Fixed tooltip and cursor not reset after hovering link and then
    navigating to non rich text node.
  * Support for accent insensitive search - added letters with
    subordinate dots, (gh#giuspen/cherrytree#1981).
  * Translation updates.
- Developer advised fixed cross-site scripting (XSS) vulnerability
  that allows attackers to execute arbitrary web scripts or HTML
  via a crafted payload injected into the Name text field when
  creating a node, (boo#1202513, gh#giuspen/cherrytree#2099 and

Update to version 0.99.48:

  * Added support for right to left languages in export to html and
    pdf (gh#giuspen/cherrytree#2044, gh#giuspen/cherrytree#1668
    and gh#giuspen/cherrytree# #698).
  * In order to support the right to left languages in export to
    html, the resulting html text lines are no longer LINE<br/> but
  * Fixed in export to pdf the link to node+anchor with non ascii
    anchor name.
  * Improved detection of missing executables required for
    rendering LatexBoxes. These dependencies are no longer
    mandatory (gh#giuspen/cherrytree#2033).
  * Added help to the user to show again a hidden menubar
    (gh#giuspen/cherrytree#1927 and gh#giuspen/cherrytree#2054).
  * Pressing Tab on the very latest table cell now adds a new table
    line and moves to its first cell.
  * Fixed issue with relative links to files and folders and
    documents moved between linux and windows.
  * In export to html and txt multiple files, now appending the
    node id to the file names to support multiple nodes with the
    same name.
  * Added syntax highlight support for solidity
  * After issues with the domain giuspen.com, the domain changed to
    giuspen.net and giuspen.com will eventually go.

Update to version 0.99.47+2:

  * Added support for latex math equations.
  * Added copy/paste of tree nodes and subnodes between multiple opened files.
  * Restored support for drag and drop of text selection.
    Now rich text content is preserved.
  * Added syntax highlighting for HCL.
  * Fixed issue at reset toolbar in preferences dialog when menubar in titlebar.
  * Added command line option (-S/--secondary_session) to run in isolation
    from a possibly already running main instance.
  * Updated flatpak script.

Update to version 0.99.46+6:

  * Fixed time created/modified filter on searches for node name and tags.
  * Changed default keyboard shortcuts using Ctrl+Period to Ctrl+Backslash
    for clash with latest linux desktops.
  * Fixed restore window position on Windows and dual screen.
  * Added strip trailing spaces action to rich text right click menu.
  * Fixed issue restoring hpaned tree/text position with tree on the right.
  * Added command line option to pass the password to open an encrypted document.

Update to version 0.99.45+10:

  * added language Arabic
  * fixed time created/modified filter on searches for node name and tags 
  * just ninja build debug print
  * added strip trailing spaces action to rich text right click menu
  * minor improvement to previous commit 
  * fixed copy fromm codebox and pasting to rich text unwanted additional characters 



  • cherrytree-0.99.49+3-bp154.2.3.2