thr3ads.net - Instiki users - [Instiki-devel] *security* Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability [Feb 2007]

If this information is useful, please help other people find it:
Share via:

Matthias Tarasiewicz

2007-Feb-28 09:35 UTC

[Instiki-devel] security Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability

Jaques Distler reported a vulnerability of instiki to Cross-Site
Scripting (XSS).
That''s why i released a new version of Instiki yesterday: Instiki
0.11.pl1 (Patch Level 1)

People running Instiki 0.11 should update immediately to Instiki
0.11pl1 - on the usual Location:
http://rubyforge.org/frs/?group_id=186

This version also includes some fixes and minor enhancements. It is
also the last version to support windows 98. See the Changelog for
more information
http://rubyforge.org/frs/shownotes.php?group_id=186&release_id=10014

People running OSX should consider running the current trunk version
of instiki, as 0.11.pl1 still has the same issues as 0.11 had
regarding sqlite and readline. Oleg Kourapov  and me are searching for
ways to get the three-step installation feature back for OSX.

We are already working on 0.12, please be patient, since this
security-release now delayed the 0.12 version a little.

all the best,
parasew

Instiki users - Feb 2007 - *security* Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability

[Instiki-devel] *security* Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability

Instiki users - Feb 2007 - security Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability

[Instiki-devel] security Instiki 0.11.pl1 Released! XSS cross site scripting vulnerability