SECURITY: Trac 0.10.5 Released

[Jonas Borgström]

Release Notes for Trac 0.10.5
=============================
June 22, 2008

(Note: Trac 0.11 will also be released later today)

We're happy to announce the Trac 0.10.5 release, available from:

http://trac.edgewall.org/wiki/TracDownload

For questions, comments and user discussions, please use the Trac
mailing list. List information, subscription and archive available at:

http://trac.edgewall.org/wiki/MailingList

Trac 0.10.5 contains two security fixes and a couple of bug fixes.
The following list contains only a few highlights:

* Fixes a cross-site redirection vulnerability in the quickjump
function reported by Russ McRee.
* Fixes a wiki engine XSS vulnerability found by Nathan Collins.
* Added PostgreSQL 8.3 support.
* Fixes FineGrainedPermissions for scoped repositories.
* Fixes problem with repository syncing raising exceptions.

The complete list of closed tickets can be found here:
http://trac.edgewall.org/query?status=closed&milestone=0.10.5

Acknowledgements
================

Many thanks to the growing number of people who have, and continue to,
support the project. Also our thanks to all people providing feedback
and bug reports that helps us make Trac better, easier to use and more
effective.

Without your invaluable help, Trac would not evolve. Thank you all.

Finally, we offer hope that Trac will prove itself useful to like-minded
programmers around the world, and that this release will prove an
improvement over the last version.

Please let us know. :-)

/The Trac Team http://trac.edgewall.org/