Redmine 1.0.5 bug/security fix released

Added by Jean-Philippe Lang over 13 years ago

Among 11 bug fixes, Redmine 1.0.5 solves the incompatibility with the i18n 0.5.0 gem. The appropriate i18n gem version (0.4.2) is now required, you can install it using:

gem install i18n -v=0.4.2

This release also fixes 3 security issues reported by joernchen of Phenoelit:

logged in users may be able to access private data (affected versions: 1.0.x)
persistent XSS vulnerability in textile formatter (affected versions: all previous releases)
remote command execution in bazaar repository adapter (affected versions: 0.9.x, 1.0.x)

All Redmine users are highly recommended to upgrade to this latest release.

Comments

Added by Terence Mill over 13 years ago

A present right before Christmas. Tx to all contributors!

Added by Thomas Pihl over 13 years ago

Good job.

Merry Christmas!
BR
Thomas

Added by Deoren Moor over 13 years ago

Thanks team!

Project

General

Profile

Redmine

Redmine 1.0.5 bug/security fix released

Comments

Added by Terence Mill over 13 years ago

Added by Thomas Pihl over 13 years ago

Added by Deoren Moor over 13 years ago