Releasing pretalx v2024.2.0

Aug. 6, 2024

Coming in just under half a year after our last release, we're happy to announce the release of pretalx v2024.2.0. This release is a maintenance release, so there are no big new features to report.

However, we'd like to ask everybody running a self-hosted pretalx instance to update as soon as possible, as this release includes the fix for a security vulnerability (an XSS attack pertaining to speakers and organisers). We'd like to thank Jorian Woltjer for finding and reporting this issue!

As always, users of pretalx.com don't need to take any action – you're always on the latest version. We have received a report about a security-sensitive misconfiguration on pretalx.com by Sushmita Poudel, and have fixed this issue immediately – we can confirm that neither security issue was exploited on pretalx.com.

Apart from several bug fixes, here are the small – but important! – new features in this pretalx version at a glance:

  • pretalx now supports the ~~ syntax in Markdown used for ~~strikethrough~~
  • When choice questions or multiple-choice questions have a lot of options, they now use a dropdown input with a search input to make finding the right option faster.
  • The schedule editor now allows you to schedule talks that are only “pending accepted” (i.e. the speaker has not yet received the acceptance email), so that organisers can try out how their schedule would look with a given number of tentatively accepted proposals.
  • Administrators / instance owners can now search a list of all users, to trigger account deletion or password resets.
  • All images in forms in the organiser area now include a preview of the saved image, and open a lightbox instead of the image file when clicked.
  • All tables in the organiser area now come with sticky headers, to accommodate the possible increased length of the tables.

If you want to see the complete list of changes, check out the changelog.

Upcoming features

We’re already working on the next release, which will include a number of improvements to the API. As hinted previously, we’re working on an entirely new (writable, eventually!) API, and we’re hoping to show the first steps towards that in our next release.

To get further updates on this new release and all other things pretalx, please follow us in the Fediverse, on LinkedIn, or on Twitter. And of course, if you’d like to contribute or commission new features, get in touch.