[typo] Typo 5.0.4 beta 2 is out, fixes a critical security vulnerability

de Villamil Frédéric frederic at de-villamil.com
Mon Jun 30 18:01:26 EDT 2008

Michael Morin has discovered a critical vulnerability in Typo priori  
to release which may lead to arbitrary code execution and  
privilege escalation on Typo blogs. Even though 5.0.4b1 was released  
yesterday, this vulnerability is critical enough to make us release  
5.0.4b2 today.

This release also fixes a bunch of bugs such as :
– Missing dependencies in the installer (thx Scott Likens for pointing  
this out)
– articles.rss and articles.atom bad naming.
– Bad unordered lists display on the new default theme.

You can download typo at http://rubyforge.org/frs/?group_id=555&release_id=23488 
  or just update your gem.

Frédéric / neuro

Frédéric de Villamil
frederic at de-villamil.com                        tel: +33 (0)6 62 19 1337
http://fredericdevillamil.com             Typo : http://typosphere.org

More information about the Typo-list mailing list