Hi everyone,

This is the kind of release I never like to have to make, but it was
pointed out to us today that an encoding bug in our comment processing made
Review Board 1.5.x and 1.6.x susceptible to browser-side script injection.
We've patched this and issued two new releases: 1.5.7 and 1.6.3.

If you're running 1.5.x, you can upgrade to this release by doing:

    $ sudo easy_install -U ReviewBoard==1.5.7

Otherwise, just upgrade as normal.

Thanks, and sorry for the inconvenience.

Christian

-- 
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to