Sex, 2006-11-10 às 09:43 +0100, Christian Boos escreveu: > Hi, > > We just released 0.10.1 which fixes the CSRF attack described in #4049, > but in addition, 0.10.1 comes with two bugs which are quite visible and > impacting otherwise working 0.10 installations. One of them is already > fixed (#3996) and affects only people using the FineGrainedPermissions > stuff, the other will affect nearly everyone, at times (#4120). There's > no fix yet for the last one, but I suggested two possible ways to fix > it, so it's not a big deal.
if 10.1 has security improvements, users should upgrade from 10.0. BUT if you already know that 10.1 has new bugs, and you already know how to solve them, why don't you make a quick 10.2 with just the fixes, before everyone one starts upgrading? > > I wonder if we shouldn't quickly follow-up to 0.10.1 with a 0.10.2 > release fixing those two issues (and possibly other outstanding issues > in 0.10.1 if you think they are some), otherwise people will probably > ''not'' upgrade to 0.10.1 and stay with or revert to 0.10. > > -- Christian > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-dev?hl=en -~----------~----~----~----~------~----~------~--~---
