Hi everyone,

We discovered a security vulnerability in-house that applies to 1.7.x, 
2.0.x, and 2.5.x. We've just released new builds of Review Board 1.7.29, 
2.0.22, and 2.5.3 to take care of these. The vulnerability allows access to 
file attachments, legacy screenshots, and metadata on review request 
updates on private review requests through hand-crafted URLs.

There are also some bug fixes for issues that have been reported over the 
past couple of months, and some new features for extension authors and 

See the announcement for more information:


Just a reminder that you can get the full details about releases and 
security issues sent directly to you as soon as they're announced by 
signing up for our Official Announcements mailing list at 


Christian Hammond - christ...@beanbaginc.com
Review Board - https://www.reviewboard.org
Beanbag, Inc. - https://www.beanbaginc.com

Supercharge your Review Board with Power Pack: 
Want us to host Review Board for you? Check out RBCommons: 
Happy user? Let us know! https://www.reviewboard.org/users/
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to