[ANNOUNCEMENT] diaspora* security release 0.4.1.2
21 views
Skip to first unread message
Jonne Haß
Oct 30, 2014, 4:52:27 PM10/30/14
to diaspora...@googlegroups.com, diaspo...@googlegroups.com
We just released diaspora* version 0.4.1.1 which fixes CVE-2014-7818[1]
by updating Rails to 3.2.20. Note that our recommended setup with a
static files serving reverse proxy in place is not vulnerable to this
issue. We recommend everybody to update nonetheless. Please refer to the
CVE for further details. Update instructions can be found as usual at
https://wiki.diasporafoundation.org/Updating.
- The diaspora* development team
[1]:
https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo
by updating Rails to 3.2.20. Note that our recommended setup with a
static files serving reverse proxy in place is not vulnerable to this
issue. We recommend everybody to update nonetheless. Please refer to the
CVE for further details. Update instructions can be found as usual at
https://wiki.diasporafoundation.org/Updating.
- The diaspora* development team
[1]:
https://groups.google.com/forum/#!topic/rubyonrails-security/dCp7duBiQgo
Reply all
Reply to author
Forward
0 new messages