redash v10.1.0 Release Notes

Release Date: 2021-11-23 // over 2 years ago
  • ๐Ÿš€ This release includes patches for three security vulnerabilities:

    • Insecure default configuration affects installations where REDASH_COOKIE_SECRET is not set explicitly (CVE-2021-41192)
    • SSRF vulnerability affects installations that enabled URL-loading data sources (CVE-2021-43780)
    • Incorrect usage of state parameter in OAuth client code affects installations where Google Login is enabled (CVE-2021-43777)

    ๐Ÿ”€ And a couple features that didn't merge in time for 10.0.0

    • Big Query: Speed up schema loading (#5632)
    • โž• Add support for Firebolt data source (#5606)
    • ๐Ÿ›  Fix: Loading schema for Sqlite DB with "Order" column name fails (#5623)

Previous changes from v10.0.0

  • ๐Ÿ”€ A few changes were merged during the V10 beta period.

    • ๐Ÿ†• New Data Source: CSV/Excel Files
    • ๐Ÿ›  Fix: Edit Source button disappeared for users without CanEdit permissions
    • ๐Ÿ— We pinned our docker base image to Python3.7-slim-buster to avoid build issues
    • ๐Ÿ›  Fix: dashboard list pagination didn't work