项目

一般

简介

Redmine 0.7.3 released

Lang Jean-Philippe将近 17 年 之前添加

Yet another bug fix release. See the Changelog for more details.
As Redmine 0.7.3 fixes several XSS vulnerabilities, users are highly encouraged to upgrade to this new release.

No database migration is needed when upgrading from previous 0.7.x versions.
This release is still running with Rails 2.0.2.

It can be downloaded at Rubyforge.


评论

Lang Jean-Philippe将近 17 年 之前添加

The vulnerability report at JVN: http://jvn.jp/en/jp/JVN00945448/index.html

Gallop Mark将近 17 年 之前添加

Jean-Philippe,

Can you please indicate which commit fixes the XSS vulnerabilities? I would like to apply the changes to an custom version of Redmine.

Cheers,
Mark

Lang Jean-Philippe将近 17 年 之前添加

See r1612.

点赞0