From c11e5a7e1d98edfa7fade1dce87ce247856ec7fd Mon Sep 17 00:00:00 2001
From: Nathan Fretz <nmfretz@gmail.com>
Date: Thu, 7 Nov 2024 12:52:47 +1000
Subject: [PATCH] Update octoprint to 1.10.3 (#1747)

---
 octoprint/docker-compose.yml |  2 +-
 octoprint/umbrel-app.yml     | 18 +++++++++++-------
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/octoprint/docker-compose.yml b/octoprint/docker-compose.yml
index 366f2f4..109dfcc 100644
--- a/octoprint/docker-compose.yml
+++ b/octoprint/docker-compose.yml
@@ -8,7 +8,7 @@ services:
       PROXY_AUTH_ADD: "false"
 
   web:
-    image: octoprint/octoprint:1.10.2@sha256:dcc74b1a6074972ba2fce80e1abc80e98e2603adcab771918d89abaed2e4c277
+    image: octoprint/octoprint:1.10.3@sha256:0ca71aec3b9421e8825072219f0638a14ddf102064127519791545ae5c2396fc
     privileged: true
     volumes:
       - ${APP_DATA_DIR}/data:/octoprint
diff --git a/octoprint/umbrel-app.yml b/octoprint/umbrel-app.yml
index 7afbcfa..545b2a8 100644
--- a/octoprint/umbrel-app.yml
+++ b/octoprint/umbrel-app.yml
@@ -2,7 +2,7 @@ manifestVersion: 1
 id: octoprint
 category: files
 name: OctoPrint
-version: "1.10.2"
+version: "1.10.3"
 tagline: A snappy web interface for your 3D printer
 description: >-
   OctoPrint provides a snappy web interface for controlling consumer 3D printers.
@@ -17,16 +17,20 @@ support: https://community.octoprint.org/
 port: 5003
 submitter: mateosilguero
 releaseNotes: >-
-  ✋ Heads-up
+  ⚠️ Important security update that fixes vulnerabilities related to XSS and API key management
 
-    As of Octoprint 1.10.0, you are required to re-enter your password on critical operations (e.g. adding/changing/deleting users and groups, installing plugins, revealing the deprecated global API key, etc).
 
+  🔒 Security fixes:
+    - Fixed vulnerabilities in the login dialog and application key confirmation dialog
+    - Fixed vulnerability related to API key management that could allow unauthorized access
+    - Improved security of internal key generation
+    - Removed version number from discovery to prevent information leakage
 
-  🐛 Bug fixes
 
-    - Fixed a translation string in the German translation.
-    - Fixed a third-party dependency change that broke a development command.
-    - Improved the behavior of the "Hide successful prints" filter in the file list.
+  🐛 Bug fixes:
+    - Fixed issues with reverse proxy configuration
+    - Fixed file list caching behavior
+    - Fixed plugin installation queuing
 
   Full release notes are found at https://github.com/OctoPrint/OctoPrint/releases
 submission: https://github.com/getumbrel/umbrel-apps/pull/449