We would like to give a special thanks to **Maxim Suslov** (independent security researcher), [E99p1ant](https://github.com/wuhan005) to report the security problems from huntr and thanks to [@lunny](https://gitea.com/lunny), [@zeripath](https://gitea.com/zeripath) and [@6543](https://gitea.com/6543) for submitting the security patches for this release.
You can download one of our pre-built binaries from our [downloads page](https://dl.gitea.io/gitea/1.16.4/) - make sure to select the correct platform! For further details on how to install, follow our [installation guide](https://docs.gitea.io/en-us/install-from-binary/).
We would also like to thank all of our supporters on [Open Collective](https://opencollective.com/gitea) who are helping to sustain us financially.
**Have you heard? We now have a [swag shop](https://shop.gitea.io)! :shirt: :tea:**
* Update the webauthn_credential_id_sequence in Postgres ([#19048](https://github.com/go-gitea/gitea/pull/19048)) ([#19060](https://github.com/go-gitea/gitea/pull/19060))
* Prevent 500 when there is an error during new auth source post ([#19041](https://github.com/go-gitea/gitea/pull/19041)) ([#19059](https://github.com/go-gitea/gitea/pull/19059))
* If rendering has failed due to a net.OpError stop rendering (attempt 2) ([#19049](https://github.com/go-gitea/gitea/pull/19049)) ([#19056](https://github.com/go-gitea/gitea/pull/19056))
* Fix flag validation ([#19046](https://github.com/go-gitea/gitea/pull/19046)) ([#19051](https://github.com/go-gitea/gitea/pull/19051))
* Ignore missing comment for user notifications ([#18954](https://github.com/go-gitea/gitea/pull/18954)) ([#19043](https://github.com/go-gitea/gitea/pull/19043))
* Set `rel="nofollow noindex"` on new issue links ([#19023](https://github.com/go-gitea/gitea/pull/19023)) ([#19042](https://github.com/go-gitea/gitea/pull/19042))