I think telling the vulnerabilities is not the wiser thing to do... Telling the reason for a change like vulnerability issue ok... But no description of the vulnerabilities...
It only helps the hakers to exploit those vulnerabilities. Richard On Tue, Aug 30, 2011 at 1:09 PM, Phyo Arkar <[email protected]>wrote: > Cool , also please note about the related vulnerability too , and a > security announcement section may be? I do not know about the related > vulnerability until Anthony told me now . > > On 8/30/11, Massimo Di Pierro <[email protected]> wrote: > > Good idea. Will do that. > > > > On Aug 30, 2011, at 7:38 AM, Phyo Arkar wrote: > > > >> On the mailing list? > >> > >> One problem with mailing list is it is not a forum and it can't have a > >> Sticky feature. Information of last month is totally lost. Most busy > >> people on tight schedule wont have time to dig into pile of posts. > >> > >> So a good place to put it is on the web2py.com home page , make a > >> Notice section . Also in Download page showing that notice. > >> > >> I update from 1.96 tho . > >> > >> On 8/30/11, Massimo Di Pierro <[email protected]> wrote: > >>> We did. Over and over. We announced this starting... 1.95 ;-) > >>> > >>> On Aug 30, 2011, at 7:20 AM, Phyo Arkar wrote: > >>> > >>>> Ok thats good . > >>>> > >>>> But please announce somewhere that 1.98.2 will break compatbility to > >>>> existing views those are without > >>>> response.generic_patters = ['*'] > >>>> > >>>> On 8/30/11, Massimo Di Pierro <[email protected]> wrote: > >>>>> This is a security measure. > >>>>> Just add this to your db.py > >>>>> > >>>>> response.generic_patters = ['*'] > >>>>> > >>>>> Massimo > >>>>> > >>>>> On Aug 30, 2011, at 6:46 AM, Phyo Arkar wrote: > >>>>> > >>>>>> heres my call : > >>>>>> > >>>>>> > http://localhost:8080/sExtract/extraction/listMIME.json?extracted_path=/home/v3ss/workspace-bbb/web2py-clone/applications/sExtract/static/ediscov/testFails/extracted&source_path=/home/v3ss/workspace-bbb/web2py-clone/applications/sExtract/static/ediscov/testFails/source&_search=false&nd=1314704423498&rows=100&page=1&sidx=id&sord=desc&totalrows=1000 > >>>>>> > >>>>>> Resulting in : > >>>>>> <html><body><h1>invalid view > >>>>>> (extraction/listMIME.json)</h1></body></html> > >>>>>> > >>>>>> All other .json calls which are not with json RPC fails horribly , > >>>>>> breaking all my applications. > >>>>>> > >>>>>> is that a bug or Feature ? > >>>>>> > >>>>>> This will be the last time i updating web2py blindly :( > >>>>> > >>>>> > >>> > >>> > > > > >
