This is a maintenance release with the following fixes:
- [Security] Do not allow … as a file and folder name
- [Security] Sending links with passwords has no HTML escape for the passwords
- [fix] Fix preview support for TIFF images
- [fix] Check the length of email in login form, preventing too long input
- [fix] Use user name instead of user ID in email content
- [Security] auth-token API also prevent brute force attack
- [fix] Fix a bug that system admin can not share a library in admin panel