[typo] Typo 5.0.4 beta 2 is out, fixes a critical security vulnerability
de Villamil Frédéric
frederic at de-villamil.com
Mon Jun 30 18:01:26 EDT 2008
Michael Morin has discovered a critical vulnerability in Typo priori
to release 22.214.171.124.1 which may lead to arbitrary code execution and
privilege escalation on Typo blogs. Even though 5.0.4b1 was released
yesterday, this vulnerability is critical enough to make us release
This release also fixes a bunch of bugs such as :
– Missing dependencies in the installer (thx Scott Likens for pointing
– articles.rss and articles.atom bad naming.
– Bad unordered lists display on the new default theme.
You can download typo at http://rubyforge.org/frs/?group_id=555&release_id=23488
or just update your gem.
Frédéric / neuro
Frédéric de Villamil
frederic at de-villamil.com tel: +33 (0)6 62 19 1337
http://fredericdevillamil.com Typo : http://typosphere.org
More information about the Typo-list