Amara release notes 2016-02-16

  • 823 – A number of TED users cannot sign in to Amara
  • 1057 – Modify signup procedure to avoid creating multiple SocialAuth accounts by the same user
  • 2419 – Use full usernames for editor notes
  • 2458 – Wrong time calculation for some videos
  • enterprise-511 – Improvements in user account policies
  • enterprise-542 – CSRF Vulnerability with auth delete page
  • enterprise-550 – Make users’ email addresses secure
  • enterprise-551 – Enable users with FB / Twitter accounts to set a valid email address
  • A number of infrastructure updates.

Our sincere thanks go out to Sheher Yaar and Pratik Satapathy who have reported security issues that were fixed in this release.