Redmine 1.0.5 bug/security fix released

Added by Jean-Philippe Lang over 13 years ago

Among 11 bug fixes, Redmine 1.0.5 solves the incompatibility with the i18n 0.5.0 gem. The appropriate i18n gem version (0.4.2) is now required, you can install it using:

gem install i18n -v=0.4.2
This release also fixes 3 security issues reported by joernchen of Phenoelit:
  • logged in users may be able to access private data (affected versions: 1.0.x)
  • persistent XSS vulnerability in textile formatter (affected versions: all previous releases)
  • remote command execution in bazaar repository adapter (affected versions: 0.9.x, 1.0.x)

All Redmine users are highly recommended to upgrade to this latest release.


Added by Terence Mill over 13 years ago

A present right before Christmas. Tx to all contributors!

Added by Thomas Pihl over 13 years ago

Good job.

Merry Christmas!

Added by Deoren Moor over 13 years ago

Thanks team!