v2.4.3 patch release
Videosync v2.4.3 - Security Patch
October 15, 2025
security bugfix
Videosync v2.4.3 - Security Patch
Release Date: October 15, 2025
This is a security patch release addressing critical vulnerabilities. We strongly recommend all users upgrade immediately.
🔒 Security Fixes
High Priority
- CVE-2025-XXXX: Fixed authentication bypass vulnerability
- Session handling: Improved token validation and rotation
- XSS prevention: Enhanced input sanitization
Medium Priority
- Rate limiting: Added rate limiting to API endpoints
- CORS policy: Tightened CORS configuration
🐛 Bug Fixes
- Fixed memory leak in WebSocket connections
- Resolved issue with event recordings not saving properly
- Fixed participant list not updating in real-time
📦 Upgrade Instructions
Critical - Upgrade Immediately
For Cloud Customers: Updates are being deployed automatically. No action required.
For Self-Hosted Customers:
# Backup first
pg_dump videosync > backup.sql
# Update
git fetch origin
git checkout v2.4.3
npm install
npm run migrate
# Restart
systemctl restart videosync🔍 Technical Details
For detailed information about the security vulnerabilities, please see our security advisory.
Questions? Contact our security team at security@videosync.fi