项目

一般

简介

Redmine 0.7.3 released

Lang Jean-Philippe超过 16 年 之前添加

Yet another bug fix release. See the [[Changelog]] for more details.
As Redmine 0.7.3 fixes several XSS vulnerabilities, users are highly encouraged to upgrade to this new release.

No database migration is needed when upgrading from previous 0.7.x versions.
This release is still running with Rails 2.0.2.

It can be downloaded at Rubyforge.


评论

Lang Jean-Philippe超过 16 年 之前添加

The vulnerability report at JVN: http://jvn.jp/en/jp/JVN00945448/index.html

Gallop Mark超过 16 年 之前添加

Jean-Philippe,

Can you please indicate which commit fixes the XSS vulnerabilities? I would like to apply the changes to an custom version of Redmine.

Cheers,
Mark

Lang Jean-Philippe超过 16 年 之前添加

See r1612.

点赞0