ChiliProject 3.8.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no new features and 3 other bug fixes. It is suitable for use on production websites running ChiliProject 3.x. While the issue can only be exploited for DoS attacks, we [...]
About Felix
CS student and Ruby- and Rails-wielding web developer by day, shiny rainbow ChiliProject superhero by night. Meet me at the RUG::B and Cologne.rb. Twitter: @thegcat, IRC: #chiliproject thegcat, or Google+.Author Archive | Felix
ChiliProject 2.11.0 released: Security Update
ChiliProject 2.11.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no other bug fixes or new features and is released for users who are unable to upgrade to ChiliProject 3.8.0. It is suitable for use on production websites running ChiliProject 2.x. While [...]
ChiliProject 3.6.0 released: Important Security Update!
ChiliProject 3.6.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains 1 other bug fix and no new [...]
ChiliProject 2.9.0 released: Important Security Update!
ChiliProject 2.9.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains no other bug fixes or new features [...]
Going forward: focus
In addition to our already discussed attempt to broaden our community reach and communication, we want to bring more focus to our code and development processes. The current development team is too small to properly take care of the whole codebase of ChiliProject with all its different functions and dependencies, correct bugs, implement new features [...]
ChiliProject 2.8.0 released: Important Security Update!
ChiliProject 2.8.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0156) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.15, which is included in this release of ChiliProject. This release contains no other bug fixes or new features [...]
ChiliProject 2.7.4 released
ChiliProject 2.7.4 has just been released. This release is a security release to fix two XSS vulnerabilities (CVE-2012-3464, CVE-2012-3465) and a SQL injection vulnerability (CVE-2012-5664) of Rails. All these bugs were fixed in Rails, we have included the fixes from Rails or backported them to the version of Rails ChiliProject uses right now. This release contains no [...]
ChiliProject 3.4.0 released
ChiliProject 3.4.0 has just been released. It includes lots of bug fixes for ChiliProject 3.3.0 as well as 3 security fixes. It is suitable for use on production websites and we highly recommend that all users download the release as soon as possible. Download ChiliProject 3.4.0 What’s included 3.4.0 includes 3 security fixes for Rails [...]
Going forward: get involved!
After the dry spell we went through in the last few months, the ChiliProject Team wants to get things going again. We still want to get more people involved in ChiliProject and are looking for ways for the Team to communicate outwards but also for the Community as a whole to better communicate. We’re also [...]
Retrospective
So the last 6 months happened. Many of you rightly noted that ChiliProject development halted to near nothingness in that time and Holger and I are not only very sorry but also feel guilty about that (anyone who wants to know why one can feel guilty about a voluntary contribution, go read the excellent article [...]
Twitter
