ChiliProject 3.8.0 released: Security Update

ChiliProject 3.8.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no new features and 3 other bug fixes. It is suitable for use on production websites running ChiliProject 3.x. While the issue can only be exploited for DoS attacks, we […]

Read full story Comments { 2 }

ChiliProject 2.11.0 released: Security Update

ChiliProject 2.11.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no other bug fixes or new features and is released for users who are unable to upgrade to ChiliProject 3.8.0. It is suitable for use on production websites running ChiliProject 2.x. While […]

Read full story Comments { 2 }

ChiliProject 3.7.0 released: Important security update!

ChiliProject 3.7.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-0277), the JSON gem (CVE-2013-0333, CVE-2013-0269) and with MySQL’s handling of strings and numbers during value comparison. This release contains no new features and 1 other bug fix for last tag in the Liquid template language. It is suitable for use […]

Read full story Comments { 0 }

ChiliProject 2.10.0 released: Important Security Update!

ChiliProject 2.10.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-0277), the JSON gem (CVE-2013-0333, CVE-2013-0269) and with MySQL’s handling of strings and numbers during value comparison. This release contains no other bug fixes or new features and is released for users who are unable to upgrade to ChiliProject 3.7.0. It is […]

Read full story Comments { 2 }

ChiliProject 3.6.0 released: Important Security Update!

ChiliProject 3.6.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains 1 other bug fix and no new […]

Read full story Comments { 1 }

ChiliProject 2.9.0 released: Important Security Update!

ChiliProject 2.9.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains no other bug fixes or new features […]

Read full story Comments { 1 }

ChiliProject 3.5.1 released: Security Release

ChiliProject 3.5.1 has just been released. This release is a security release to fix a security issue of Rails (CVE-2013-0155) which allows attackers to issue unexpected database queries with IS NULL or empty where clauses. The vulnerability does not allow attackers to insert arbitrary values into an SQL query. Additional details are available in the updated advisory of […]

Read full story Comments { 0 }

ChiliProject 2.8.1 released: Security Release

ChiliProject 2.8.1 has just been released. This release is a security release to fix a security issue of Rails (CVE-2013-0155) which allows attackers to issue unexpected database queries with IS NULL or empty where clauses. The vulnerability does not allow attackers to insert arbitrary values into an SQL query. Additional details are available in the updated advisory of […]

Read full story Comments { 0 }

Going forward: focus

In addition to our already discussed attempt to broaden our community reach and communication, we want to bring more focus to our code and development processes. The current development team is too small to properly take care of the whole codebase of ChiliProject with all its different functions and dependencies, correct bugs, implement new features […]

Read full story Comments { 4 }

ChiliProject 3.5.0 released: Important Security Update!

ChiliProject 3.5.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0156) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.15, which is included in this release of ChiliProject. This release contains no other bug fixes or […]

Read full story Comments { 1 }