Hi everyone,
This is the kind of release I never like to have to make, but it was
pointed out to us today that an encoding bug in our comment processing made
Review Board 1.5.x and 1.6.x susceptible to browser-side script injection.
We've patched this and issued two new releases: 1.5.7 and 1.6.3.
On Tue, 2011-11-15 at 03:21 -0800, Christian Hammond wrote:
If you're running 1.5.x, you can upgrade to this release by doing:
$ sudo easy_install -U ReviewBoard==1.5.7
Otherwise, just upgrade as normal.
Just to let anyone know that happens to be using Review Board on an
older system