Redmine 0.8.4 security/bug fix released

Added by Jean-Philippe Lang about 10 years ago

Redmine 0.8.4 fixes a vulnerability related to the 'autologin' feature. This vulnerability may affect people using Redmine with Phusion Passenger (a.k.a. mod_rails/mod_rack) and thus, upgrading is highly recommended. If you're not able to upgrade, you should disable the 'autologin' feature.

This release also fixes a memory consumption on big files upload.

As previous 0.8.x releases, it's still running with Rails 2.1.2.
You can see the list of changes in the Changelog and download this release at Rubyforge.


Comments

Added by Kenn Wilson about 10 years ago

Just a note that, as of about 13 hours after this was posted, 0.8.4 has not yet been tagged Could you please remember to tag these releases for those of us who install/update Redmine via svn checkout/svn switch?

Thanks!

Added by Rachel Me about 10 years ago

+1 Just saw this announcement and was about to use svn to switch but am unable to.

Added by Jean-Philippe Lang about 10 years ago

Tag is added

Added by Kenn Wilson about 10 years ago

Great, thank you!

Added by billy chou about 10 years ago

Nice work!
Keep going, thanks!

Added by Dmitry LZ about 10 years ago

TNX!

Added by der Spinner almost 10 years ago

Спасибо!

Added by Vimal George almost 10 years ago

Thanks for the tip. Updated to 0.8.4.

Added by Emilio González Montaña almost 10 years ago

What's happenning with Redmine?, there is no releases from May, and the closed issues of version 0.8.5 and 0.9 are more or less the same.

Is this a summer problem?, or is there any important problem beyond?.

Added by Richard Bacon almost 10 years ago

I'm also interested in the status of this project as it looks ideal for my purposes. Can anyone fill me in?

Added by Emilio González Montaña almost 10 years ago

Still no answer... please send us a keep alive ;)