Archive | Releases RSS feed for this section

ChiliProject 3.8.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no new features and 3 other bug fixes. It is suitable for use on production websites running ChiliProject 3.x. While the issue can only be exploited for DoS attacks, we [...]

ChiliProject 2.11.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-1854 among other security advisories not relevant to ChiliProject). This release contains no other bug fixes or new features and is released for users who are unable to upgrade to ChiliProject 3.8.0. It is suitable for use on production websites running ChiliProject 2.x. While [...]

ChiliProject 3.7.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-0277), the JSON gem (CVE-2013-0333, CVE-2013-0269) and with MySQL’s handling of strings and numbers during value comparison. This release contains no new features and 1 other bug fix for last tag in the Liquid template language. It is suitable for use [...]

ChiliProject 2.10.0 has just been released. This release is a security release to fix security issues in Rails (CVE-2013-0277), the JSON gem (CVE-2013-0333, CVE-2013-0269) and with MySQL’s handling of strings and numbers during value comparison. This release contains no other bug fixes or new features and is released for users who are unable to upgrade to ChiliProject 3.7.0. It is [...]

ChiliProject 3.6.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains 1 other bug fix and no new [...]

ChiliProject 2.9.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0333) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.16, which is included in this release of ChiliProject. This release contains no other bug fixes or new features [...]

ChiliProject 3.5.1 has just been released. This release is a security release to fix a security issue of Rails (CVE-2013-0155) which allows attackers to issue unexpected database queries with IS NULL or empty where clauses. The vulnerability does not allow attackers to insert arbitrary values into an SQL query. Additional details are available in the updated advisory of [...]

ChiliProject 2.8.1 has just been released. This release is a security release to fix a security issue of Rails (CVE-2013-0155) which allows attackers to issue unexpected database queries with IS NULL or empty where clauses. The vulnerability does not allow attackers to insert arbitrary values into an SQL query. Additional details are available in the updated advisory of [...]

ChiliProject 3.5.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0156) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.15, which is included in this release of ChiliProject. This release contains no other bug fixes or [...]

ChiliProject 2.8.0 has just been released. This release is a security release to fix a severe security issue of Rails (CVE-2013-0156) which allows attackers to inject and execute arbitrary code on the server hosting ChiliProject. This bug was fixed in Rails 2.3.15, which is included in this release of ChiliProject. This release contains no other bug fixes or new features [...]