Hi everyone,

This is the kind of release I never like to have to make, but it was
pointed out to us today that an encoding bug in our comment processing made
Review Board 1.5.x and 1.6.x susceptible to browser-side script injection.
We've patched this and issued two new releases: 1.5.7 and 1.6.3.

If you're running 1.5.x, you can upgrade to this release by doing:

    $ sudo easy_install -U ReviewBoard==1.5.7

Otherwise, just upgrade as normal.

Thanks, and sorry for the inconvenience.


Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com

Want to help the Review Board project? Donate today at 
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to