[typo] [ANN] Typo 6.1.2 - critical security bugfix

Frédéric de Villamil frederic at de-villamil.com
Sat Jan 19 14:09:14 UTC 2013


Let's awake this long dormant list with all our wishes for an awesome year 2013. As you can see, the project is still alive, and we're happy to announce the release of Typo 6.1.2, which is the second of the Remi Ochlik series.

This release fixes a critical Rails security breach. This breach has been present in every Rails version so far, and may allow an attacker to execute some arbitrary code on your host.

The easiest way to update a Typo blog is: 

1. Download Typo 6.1.2,  http://typosphere.org/stable.tgz
2. Copy the archive content on your host.
3. Edit config/database.yml and fill in your database credential. If you're using the MySQL adapter, you'll have to switch to mysql2.
4. Run "bundle install"
5. Run rake db:migrate

Then, copy your theme, files etc... into your new Typo application.

Typo 6.1.2 also provides some new feature, such as native Heoku support, and bug fixes. Please read the full release note on our blog: http://blog.typosphere.org/typo-6-1-2-remi-ochlik-critical-security-and-bug-fixes.html

In caes you want to try before you buy, you can test Typo 6.1.2 on our demo site: http://demo.typosphere.org/

Have a great week-end,
Fred, Matijs, Yannick and Thomas.

Frédéric de Villamil / @fdevillamil
I'm not strange, weird, off, nor crazy, my reality is just different from yours.
Le Rayon UX – http://t37.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/typo-list/attachments/20130119/b68ec155/attachment-0001.html>

More information about the Typo-list mailing list