ChiliProject 1.5.1 Released

ChiliProject 1.5.1 has just been released. This release is a security release to fix two security bugs in ChiliProject 1.5.0. It contains no other bug fixes or new features and it released for users who are unable to upgrade to ChiliProject 2.1.0. It is suitable for use on production websites running ChiliProject 1.x and we highly recommend that 1.x users download the release.

Download ChiliProject 1.5.1

What’s included

1.5.1 includes 2 security fixes that were back ported from ChiliProject 2.1.0.

  • Bug #536: CSRF Protection
  • Bug #544: XSS in app/views/issues/show.rhtml

Contributors to 1.5.1

I’d like to thank all of the contributors to the 1.5.1 release.

  • Eric Davis
  • Holger Just
  • Jan Schulz-Hofen
  • Joernchen of Phenoelit

I would especially like to thank Joernchen of Phenoelit and Jan Schulz-Hofen for reporting the security bugs to us through the correct channels.

If you think you have found a security bug in ChiliProject please report it to the security team privately so we can follow responsible disclosure.

What’s Next?

The 1.x versions of ChiliProject is officially in maintenance mode and will only be getting security update from now on. We recommend upgrading to the current stable version of ChiliProject in order to get general bug fixes and features, currently ChiliProject 2.1.0.

Download ChiliProject 1.5.1

About Eric Davis

I founded Little Stream Software in 2007 where I help new entrepreneurs build a successful software business. I write on theadmin.org about freelancing, marketing, and other random business topics that I feel like. I've written four books, the latest of which teaches how to become a freelance developer in 30 days. Follow me on Twitter and Google Plus.

, ,