NodeJS/matrix-react-sdk/3.64.0-rc.2

SDK for matrix.org using React

Repo Link: https://www.npmjs.com/package/matrix-react-sdk
License: Apache-2.0

3 Security Vulnerabilities

Prototype pollution in matrix-react-sdk

Published date: 2023-03-29T19:34:25Z

CVE: CVE-2023-28103

Links:

Impact

In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and potentially affecting program logic.

(This is part 2, where CVE-2022-36060 / GHSA-2x9c-qwgf-94xr is part 1. Part 2 covers remaining vectors not covered by part 1, found in a codebase audit scheduled after part 1.)

Patches

This is fixed in matrix-react-sdk 3.69.0

Workarounds

None.

References

Release blog post
The advisory GHSA-2x9c-qwgf-94xr (CVE-2022-36060) refers to an initial set of vulnerable locations discovered and patched in matrix-react-sdk 3.53.0. We opted not to disclose that advisory while we performed an audit of the codebase and are now disclosing it jointly with this one.

For more information

If you have any questions or comments about this advisory please email us at security at matrix.org.

Affected versions: ["0.0.1", "0.0.2", "0.1.0", "0.2.0", "0.3.0", "0.3.1", "0.4.0", "0.5.0", "0.5.1", "0.5.2", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.4-r1", "0.6.5", "0.6.5-r1", "0.6.5-r2", "0.6.5-r3", "0.7.1", "0.7.2", "0.7.3", "0.7.4", "0.7.5-rc.1", "0.7.5", "0.8.0", "0.8.1-rc.1", "0.8.1-rc.2", "0.8.1", "0.8.2", "0.8.3", "0.8.3-electron", "0.8.4", "0.8.5-rc.1", "0.8.5", "0.8.6-rc.1", "0.8.6-rc.2", "0.8.6-rc.3", "0.8.6", "0.8.7-rc.1", "0.8.7-rc.2", "0.8.7-rc.3", "0.8.7-rc.4", "0.8.7", "0.8.8-rc.1", "0.8.8-rc.2", "0.8.8", "0.8.9-rc.1", "0.8.9", "0.9.0-rc.1", "0.9.0-rc.2", "0.9.0", "0.9.1", "0.9.2", "0.9.3-rc.1", "0.9.3-rc.2", "0.9.3", "0.9.4", "0.9.5-rc.1", "0.9.5-rc.2", "0.9.5", "0.9.6", "0.9.7", "0.10.0-rc.1", "0.10.0-rc.2", "0.10.1-rc.1", "0.10.1", "0.10.2", "0.10.3-rc.1", "0.10.3-rc.2", "0.10.3", "0.10.4-rc.1", "0.10.4", "0.10.5", "0.10.6", "0.10.7-rc.1", "0.10.7-rc.2", "0.10.7-rc.3", "0.10.7", "0.11.0-rc.1", "0.11.0-rc.2", "0.11.0-rc.3", "0.11.0", "0.11.1", "0.11.2", "0.11.3", "0.11.4", "0.12.0-rc.1", "0.12.0-rc.2", "0.12.0-rc.3", "0.12.0-rc.4", "0.11.4-cryptowarning.1", "0.11.4-cryptowarning.2", "0.12.0-rc.5", "0.12.0-rc.6", "0.12.0-rc.7", "0.12.0", "0.12.1", "0.12.2", "0.12.3-rc.1", "0.12.3-rc.2", "0.12.3-rc.3", "0.12.3", "0.12.4-rc.1", "0.12.4-rc.2", "0.12.4-rc.3", "0.12.4-rc.4", "0.12.4-rc.5", "0.12.4-rc.6", "0.12.4", "0.12.5", "0.12.6-rc.1", "0.12.6", "0.12.7-rc.1", "0.12.7", "0.12.8-rc.1", "0.12.8-rc.2", "0.12.8", "0.12.9-rc.1", "0.12.9-rc.2", "0.12.9", "0.13.0-rc.1", "0.13.0-rc.2", "0.13.0", "0.13.1-rc.1", "0.13.1", "0.13.2", "0.13.3-rc.1", "0.13.3-rc.2", "0.13.3", "0.13.4-rc.1", "0.13.4", "0.13.5-rc.1", "0.13.5", "0.13.6", "0.14.0-rc.1", "0.14.0", "0.14.1", "0.14.2-rc.1", "0.14.2", "0.14.3", "0.14.4", "0.14.5-rc.1", "0.14.5-rc.2", "0.14.5", "0.14.6", "0.14.7-rc.1", "0.14.7-rc.2", "0.14.7", "0.14.8-rc.1", "0.14.8", "1.0.0-rc.1", "1.0.0-rc.2", "1.0.0", "1.0.1", "1.0.2-rc.1", "1.0.2-rc.2", "1.0.2-rc.3", "1.0.2-rc.4", "1.0.2", "1.0.3", "1.0.4-rc.1", "1.0.4", "1.0.5", "1.0.6-rc.1", "1.0.6", "1.0.7", "1.1.0-rc.1", "1.1.0", "1.1.1", "1.1.2", "1.2.0-rc.1", "1.2.0", "1.2.1", "1.2.2-rc.1", "1.2.2-rc.2", "1.2.2", "1.3.0-rc.1", "1.3.0", "1.3.1", "1.4.0-rc.1", "1.4.0-rc.2", "1.4.0-rc.3", "1.4.0", "1.5.0-rc.1", "1.5.0", "1.5.1", "1.5.2-rc.1", "1.5.2", "1.5.3-rc.1", "1.5.3-rc.2", "1.5.3-rc.3", "1.5.3", "1.6.0-rc.1", "1.6.0-rc.2", "1.6.0", "1.6.1", "1.6.2-rc.1", "1.6.2", "1.7.0-rc.1", "1.7.0", "1.7.1-rc.1", "1.7.1-rc.2", "1.7.1", "1.7.2", "1.7.3-rc.1", "1.7.3-rc.2", "1.7.3", "1.7.4", "1.7.5-rc.1", "1.7.5", "1.7.6-rc.1", "1.7.6-rc.2", "1.7.6", "2.0.0-rc.2", "2.0.0", "2.1.0-rc.1", "2.1.0-rc.2", "2.1.0", "2.1.1", "2.2.0-rc.1", "2.2.0", "2.2.1", "2.2.2", "2.2.3-rc.1", "2.2.3", "2.3.0-rc.1", "2.3.0", "2.3.1", "2.4.0-rc.1", "2.5.0-rc.1", "2.5.0-rc.2", "2.5.0-rc.3", "2.5.0-rc.4", "2.5.0-rc.5", "2.5.0-rc.6", "2.5.0", "2.6.0-rc.1", "2.6.0", "2.6.1", "2.7.0-rc.1", "2.7.0-rc.2", "2.7.0", "2.7.1", "2.7.2", "2.8.0-rc.1", "2.8.0", "2.8.1", "2.9.0-rc.1", "2.9.0", "2.10.0", "2.10.1", "3.0.0", "3.1.0-rc.1", "3.1.0", "3.2.0-rc.1", "3.2.0", "3.3.0-rc.1", "3.3.0", "3.4.0-rc.1", "3.4.0", "3.4.1", "3.5.0-rc.1", "3.5.0", "3.6.0-rc.1", "3.6.0", "3.6.1", "3.7.0-rc.1", "3.7.0-rc.2", "3.7.0", "3.7.1", "3.8.0-rc.1", "3.8.0", "3.9.0-rc.1", "3.9.0", "3.10.0-rc.1", "3.10.0", "3.11.0-rc.1", "3.11.0-rc.2", "3.11.0", "3.11.1", "3.12.0-rc.1", "3.12.0", "3.12.1", "3.13.0-rc.1", "3.13.0", "3.13.1", "3.14.0-rc.1", "3.14.0", "3.15.0-rc.1", "3.15.0", "3.16.0-rc.1", "3.16.0-rc.2", "3.16.0", "3.17.0-rc.1", "3.17.0", "3.18.0-rc.1", "3.18.0", "3.19.0-rc.1", "3.19.0", "3.20.0-rc.1", "3.20.0", "3.21.0-rc.1", "3.21.0", "3.22.0-rc.1", "3.22.0", "3.23.0-rc.1", "3.23.0", "3.24.0-rc.1", "3.24.0", "3.25.0-rc.1", "3.25.0", "3.26.0-rc.1", "3.26.0", "3.27.0-rc.1", "3.27.0", "3.28.0-rc.1", "3.28.0", "3.28.1", "3.29.0-rc.1", "3.29.0-rc.2", "3.29.0-rc.3", "3.29.0", "3.30.0-rc.1", "3.30.0-rc.2", "3.29.1", "3.30.0", "3.31.0-rc.1", "3.31.0-rc.2", "3.31.0", "3.32.0-rc.1", "3.32.0-rc.2", "3.32.0", "3.32.1", "3.33.0-rc.1", "3.33.0-rc.2", "3.33.0", "3.34.0-rc.1", "3.34.0", "3.35.0-rc.1", "3.35.1", "3.36.0-rc.1", "3.36.0", "3.36.1", "3.37.0-rc.1", "3.37.0", "3.38.0-rc.1", "3.38.0", "3.39.0-rc.1", "3.39.0-rc.2", "3.39.0", "3.39.1", "3.40.0-rc.1", "3.40.0-rc.2", "3.40.0", "3.40.1", "3.41.0-rc.1", "3.41.0", "3.41.1", "3.42.0-rc.1", "3.42.0", "3.42.1-rc.1", "3.42.1", "3.42.2-rc.1", "3.42.2-rc.2", "3.42.2-rc.3", "3.42.2-rc.4", "3.42.3", "3.42.4", "3.43.0-rc.1", "3.43.0", "3.44.0-rc.1", "3.44.0-rc.2", "3.44.0", "3.45.0-rc.2", "3.45.0-rc.3", "3.45.0", "3.46.0-rc.1", "3.46.0", "3.47.0", "3.48.0-rc.1", "3.48.0", "3.49.0-rc.1", "3.49.0-rc.2", "3.49.0", "3.50.0", "3.51.0-rc.1", "3.51.0", "3.52.0-rc.1", "3.52.0-rc.2", "3.52.0", "3.53.0-rc.1", "3.53.0-rc.2", "3.53.0", "3.54.0-rc.1", "3.54.0", "3.55.0-rc.1", "3.55.0", "3.56.0", "3.57.0", "3.58.0-rc.1", "3.58.0-rc.2", "3.58.0", "3.58.1", "3.59.0-rc.1", "3.59.0-rc.2", "3.59.0", "3.59.1", "3.60.0-rc.1", "3.60.0-rc.2", "3.60.0", "3.61.0-rc.1", "3.61.0", "3.62.0-rc.1", "3.62.0-rc.2", "3.62.0", "3.63.0-rc.2", "3.63.0", "3.64.0-rc.1", "3.64.0-rc.2", "3.64.0-rc.3", "3.64.0-rc.4", "3.64.0", "3.64.1", "3.64.2", "3.65.0-rc.1", "3.65.0", "3.66.0-rc.1", "3.66.0", "3.67.0-rc.1", "3.67.0-rc.2", "3.67.0", "3.68.0-rc.1", "3.68.0-rc.2", "3.68.0-rc.3", "3.68.0"]

Secure versions: [3.76.0, 3.77.0-rc.1, 3.77.0, 3.77.1, 3.78.0-rc.1, 3.78.0, 3.79.0-rc.2, 3.79.0, 3.80.0-rc.1, 3.80.0-rc.2, 3.80.0, 3.80.1, 3.81.0-rc.1, 3.81.0, 3.81.1, 3.82.0-rc.1, 3.82.0, 3.83.0-rc.1, 3.83.0, 3.84.0-rc.1, 3.84.0, 3.84.1, 3.85.0-rc.0, 3.85.0-rc.1, 3.85.0, 3.86.0-rc.2, 3.86.0, 3.87.0-rc.0, 3.87.0, 3.88.0, 3.89.0-rc.0, 3.89.0, 3.90.0, 3.91.0-rc.0, 3.91.0-rc.1, 3.91.0, 3.92.0-rc.0, 3.92.0-rc.1, 3.92.0, 3.93.0-rc.0, 3.93.0, 3.94.0-rc.0, 3.94.0, 3.95.0-rc.0, 3.95.0, 3.96.0-rc.0, 3.96.0, 3.96.1, 3.97.0-rc.0, 3.97.0, 3.98.0-rc.0, 3.98.0]

Recommendation: Update to version 3.98.0.

matrix-react-sdk vulnerable to XSS in Export Chat feature

Published date: 2023-07-18T16:58:01Z

CVE: CVE-2023-37259

Links:

Description

The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored XSS.

Impact

Since the Export Chat feature generates a separate document, an attacker can only inject code run from the null origin, restricting the impact.

However, the attacker can still potentially use the XSS to leak message contents. A malicious homeserver is a potential attacker since the affected inputs are controllable server-side.

Patches

This was patched in matrix-react-sdk 3.76.0.

Workarounds

None, other than not using the Export Chat feature.

References

N/A

Affected versions: ["3.32.0", "3.32.1", "3.33.0-rc.1", "3.33.0-rc.2", "3.33.0", "3.34.0-rc.1", "3.34.0", "3.35.0-rc.1", "3.35.1", "3.36.0-rc.1", "3.36.0", "3.36.1", "3.37.0-rc.1", "3.37.0", "3.38.0-rc.1", "3.38.0", "3.39.0-rc.1", "3.39.0-rc.2", "3.39.0", "3.39.1", "3.40.0-rc.1", "3.40.0-rc.2", "3.40.0", "3.40.1", "3.41.0-rc.1", "3.41.0", "3.41.1", "3.42.0-rc.1", "3.42.0", "3.42.1-rc.1", "3.42.1", "3.42.2-rc.1", "3.42.2-rc.2", "3.42.2-rc.3", "3.42.2-rc.4", "3.42.3", "3.42.4", "3.43.0-rc.1", "3.43.0", "3.44.0-rc.1", "3.44.0-rc.2", "3.44.0", "3.45.0-rc.2", "3.45.0-rc.3", "3.45.0", "3.46.0-rc.1", "3.46.0", "3.47.0", "3.48.0-rc.1", "3.48.0", "3.49.0-rc.1", "3.49.0-rc.2", "3.49.0", "3.50.0", "3.51.0-rc.1", "3.51.0", "3.52.0-rc.1", "3.52.0-rc.2", "3.52.0", "3.53.0-rc.1", "3.53.0-rc.2", "3.53.0", "3.54.0-rc.1", "3.54.0", "3.55.0-rc.1", "3.55.0", "3.56.0", "3.57.0", "3.58.0-rc.1", "3.58.0-rc.2", "3.58.0", "3.58.1", "3.59.0-rc.1", "3.59.0-rc.2", "3.59.0", "3.59.1", "3.60.0-rc.1", "3.60.0-rc.2", "3.60.0", "3.61.0-rc.1", "3.61.0", "3.62.0-rc.1", "3.62.0-rc.2", "3.62.0", "3.63.0-rc.2", "3.63.0", "3.64.0-rc.1", "3.64.0-rc.2", "3.64.0-rc.3", "3.64.0-rc.4", "3.64.0", "3.64.1", "3.64.2", "3.65.0-rc.1", "3.65.0", "3.66.0-rc.1", "3.66.0", "3.67.0-rc.1", "3.67.0-rc.2", "3.67.0", "3.68.0-rc.1", "3.68.0-rc.2", "3.68.0-rc.3", "3.68.0", "3.69.0", "3.69.1", "3.70.0-rc.1", "3.70.0", "3.71.0-rc.1", "3.71.0", "3.71.1", "3.72.0-rc.1", "3.72.0-rc.2", "3.72.0", "3.73.0-rc.1", "3.73.0-rc.2", "3.73.0-rc.3", "3.73.0", "3.73.1", "3.74.0-rc1", "3.74.0", "3.75.0-rc.1", "3.75.0", "3.76.0-rc.1", "3.76.0-rc.2"]

Recommendation: Update to version 3.98.0.

HTML injection in search results via plaintext message highlighting

Published date: 2023-04-25T19:48:11Z

CVE: CVE-2023-30609

Links:

Impact

Plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload.

Cross-site scripting is possible by including resources from recaptcha.net and gstatic.com which are included in the default CSP.

Thanks to Cadence Ember for finding the injection and to S1m for finding possible XSS vectors.

Patches

Version 3.71.0 of the SDK fixes the issue.

Workarounds

Restarting the client will clear the injection.

Recommendation: Update to version 3.98.0.

510 Other Versions

Version	License	Security	Released
3.98.0	Apache-2.0		2024-04-23 - 12:58	7 days
3.98.0-rc.0	Apache-2.0		2024-04-16 - 12:24	14 days
3.97.0	Apache-2.0		2024-04-09 - 10:14	21 days
3.97.0-rc.0	Apache-2.0		2024-04-02 - 16:25	28 days
3.96.1	Apache-2.0		2024-03-28 - 16:55	about 1 month
3.96.0	Apache-2.0		2024-03-26 - 16:37	about 1 month
3.96.0-rc.0	Apache-2.0		2024-03-19 - 15:19	about 1 month
3.95.0	Apache-2.0		2024-03-14 - 17:16	about 2 months
3.95.0-rc.0	Apache-2.0		2024-03-14 - 16:42	about 2 months
3.94.0	Apache-2.0		2024-03-12 - 18:41	about 2 months
3.94.0-rc.0	Apache-2.0		2024-03-05 - 14:11	about 2 months
3.93.0	Apache-2.0		2024-02-27 - 13:00	2 months
3.93.0-rc.0	Apache-2.0		2024-02-21 - 18:21	2 months
3.92.0	Apache-2.0		2024-02-13 - 15:04	3 months
3.92.0-rc.1	Apache-2.0		2024-02-06 - 15:46	3 months
3.92.0-rc.0	Apache-2.0		2024-02-02 - 15:09	3 months
3.91.0	Apache-2.0		2024-01-31 - 14:54	3 months
3.91.0-rc.1	Apache-2.0		2024-01-24 - 16:41	3 months
3.91.0-rc.0	Apache-2.0		2024-01-23 - 18:44	3 months
3.90.0	Apache-2.0		2024-01-19 - 13:51	3 months
3.89.0	Apache-2.0		2024-01-16 - 17:42	3 months
3.89.0-rc.0	Apache-2.0		2024-01-09 - 17:59	4 months
3.88.0	Apache-2.0		2024-01-04 - 14:34	4 months
3.87.0	Apache-2.0		2023-12-19 - 15:55	4 months
3.87.0-rc.0	Apache-2.0		2023-12-12 - 17:03	5 months
3.86.0	Apache-2.0		2023-12-05 - 14:00	5 months
3.86.0-rc.2	Apache-2.0		2023-11-28 - 17:11	5 months
3.85.0	Apache-2.0		2023-11-21 - 11:12	5 months
3.85.0-rc.1	Apache-2.0		2023-11-14 - 15:58	6 months
3.85.0-rc.0	Apache-2.0		2023-11-14 - 14:42	6 months
3.84.1	Apache-2.0		2023-11-13 - 09:52	6 months
3.84.0	Apache-2.0		2023-11-07 - 15:18	6 months
3.84.0-rc.1	Apache-2.0		2023-10-31 - 14:50	6 months
3.83.0	Apache-2.0		2023-10-24 - 14:38	6 months
3.83.0-rc.1	Apache-2.0		2023-10-17 - 14:22	7 months
3.82.0	Apache-2.0		2023-10-10 - 08:25	7 months
3.82.0-rc.1	Apache-2.0		2023-10-03 - 10:54	7 months
3.81.1	Apache-2.0		2023-09-29 - 10:17	7 months
3.81.0	Apache-2.0		2023-09-26 - 12:00	7 months
3.81.0-rc.1	Apache-2.0		2023-09-19 - 11:44	7 months
3.80.1	Apache-2.0		2023-09-13 - 11:03	8 months
3.80.0	Apache-2.0		2023-09-12 - 16:01	8 months
3.80.0-rc.2	Apache-2.0		2023-09-08 - 11:01	8 months
3.80.0-rc.1	Apache-2.0		2023-09-05 - 16:01	8 months
3.79.0	Apache-2.0		2023-08-29 - 10:02	8 months
3.79.0-rc.2	Apache-2.0		2023-08-23 - 10:48	8 months
3.78.0	Apache-2.0		2023-08-15 - 12:27	9 months
3.78.0-rc.1	Apache-2.0		2023-08-08 - 14:15	9 months
3.77.1	Apache-2.0		2023-08-04 - 08:27	9 months
3.77.0	Apache-2.0		2023-08-01 - 11:42	9 months
3.77.0-rc.1	Apache-2.0		2023-07-27 - 08:43	9 months
3.76.0	Apache-2.0		2023-07-18 - 13:05	10 months
3.76.0-rc.2	Apache-2.0	1	2023-07-14 - 15:29	10 months
3.76.0-rc.1	Apache-2.0	1	2023-07-11 - 14:48	10 months
3.75.0	Apache-2.0	1	2023-07-04 - 14:19	10 months
3.75.0-rc.1	Apache-2.0	1	2023-06-27 - 11:08	10 months
3.74.0	Apache-2.0	1	2023-06-20 - 09:23	11 months
3.74.0-rc1	Apache-2.0	1	2023-06-13 - 11:42	11 months
3.73.1	Apache-2.0	1	2023-06-09 - 08:43	11 months
3.73.0	Apache-2.0	1	2023-06-06 - 13:28	11 months
3.73.0-rc.3	Apache-2.0	1	2023-06-01 - 16:02	11 months
3.73.0-rc.2	Apache-2.0	1	2023-05-19 - 15:59	12 months
3.73.0-rc.1	Apache-2.0	1	2023-05-16 - 13:10	12 months
3.72.0	Apache-2.0	1	2023-05-10 - 11:23	12 months
3.72.0-rc.2	Apache-2.0	1	2023-05-05 - 14:18	12 months
3.72.0-rc.1	Apache-2.0	1	2023-05-02 - 10:41	12 months
3.71.1	Apache-2.0	1	2023-04-25 - 09:58	about 1 year
3.71.0	Apache-2.0	1	2023-04-25 - 09:19	about 1 year
3.71.0-rc.1	Apache-2.0	2	2023-04-18 - 10:57	about 1 year
3.70.0	Apache-2.0	2	2023-04-11 - 13:09	about 1 year
3.70.0-rc.1	Apache-2.0	2	2023-04-04 - 11:04	about 1 year
3.69.1	Apache-2.0	2	2023-03-31 - 09:01	about 1 year
3.69.0	Apache-2.0	2	2023-03-28 - 13:26	about 1 year
3.68.0	Apache-2.0	3	2023-03-15 - 12:52	about 1 year
3.68.0-rc.3	Apache-2.0	3	2023-03-14 - 11:39	about 1 year
3.68.0-rc.2	Apache-2.0	3	2023-03-10 - 15:07	about 1 year
3.68.0-rc.1	Apache-2.0	3	2023-03-07 - 11:34	about 1 year
3.67.0	Apache-2.0	3	2023-02-28 - 10:49	about 1 year
3.67.0-rc.2	Apache-2.0	3	2023-02-22 - 11:23	about 1 year
3.67.0-rc.1	Apache-2.0	3	2023-02-21 - 13:10	about 1 year
3.66.0	Apache-2.0	3	2023-02-14 - 10:33	about 1 year
3.66.0-rc.1	Apache-2.0	3	2023-02-07 - 12:14	about 1 year
3.65.0	Apache-2.0	3	2023-01-31 - 10:59	about 1 year
3.65.0-rc.1	Apache-2.0	3	2023-01-24 - 11:28	over 1 year
3.64.2	Apache-2.0	3	2023-01-20 - 12:32	over 1 year
3.64.1	Apache-2.0	3	2023-01-18 - 21:56	over 1 year
3.64.0	Apache-2.0	3	2023-01-18 - 13:46	over 1 year
3.64.0-rc.4	Apache-2.0	3	2023-01-17 - 09:18	over 1 year
3.64.0-rc.3	Apache-2.0	3	2023-01-13 - 10:47	over 1 year
3.64.0-rc.2	Apache-2.0	3	2023-01-12 - 13:46	over 1 year
3.64.0-rc.1	Apache-2.0	3	2023-01-11 - 13:47	over 1 year
3.63.0	Apache-2.0	3	2022-12-21 - 17:17	over 1 year
3.63.0-rc.2	Apache-2.0	3	2022-12-14 - 09:33	over 1 year
3.62.0	Apache-2.0	3	2022-12-06 - 12:51	over 1 year
3.62.0-rc.2	Apache-2.0	3	2022-12-02 - 16:35	over 1 year
3.62.0-rc.1	Apache-2.0	3	2022-11-29 - 15:44	over 1 year
3.61.0	Apache-2.0	3	2022-11-22 - 11:42	over 1 year
3.61.0-rc.1	Apache-2.0	3	2022-11-15 - 18:07	over 1 year
3.60.0	Apache-2.0	3	2022-11-08 - 14:44	over 1 year
3.60.0-rc.2	Apache-2.0	3	2022-11-08 - 13:13	over 1 year