diff options
author | ng <ng@immerda.ch> | 2018-03-29 04:20:30 -0700 |
---|---|---|
committer | ng <ng@immerda.ch> | 2018-03-29 04:20:30 -0700 |
commit | d78b842dda2b4b6eaffe7815b07dbb5212f2d6d5 (patch) | |
tree | bce299bf04c958e3acacec1a02146aaf54dfb097 /index.md | |
parent | 2a6defcb3bfcd6533eaf687d083122ba295cd690 (diff) | |
parent | 5d69d3cdcdf8e8b26f50bd903d815b3bc2d09f83 (diff) |
Merge branch 'update-loofah-rails-html-sanitizer' into 'master'
Add note to update loofah and rails-html-sanitizer.
See merge request schleuder/schleuder-website!39
Diffstat (limited to 'index.md')
-rw-r--r-- | index.md | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -18,6 +18,8 @@ To **be notified** of news about Schleuder subscribe to [schleuder-announce](htt ## News +2018-03-28: **Vulnerability in dependencies of schleuder-web.** Anyone running schleuder-web should update the gems "loofah" and "rails-html-sanitizer" by running "bundle update loofah rails-html-sanitizer" as soon as possible. (See [CVE-2018-8048](https://github.com/flavorjones/loofah/issues/144) and [CVE-2018-3741](https://hackerone.com/reports/328270) for details.) + 2018-02-19: **Linux-packages for Schleuder 3.2.2 available.** For Debian (stretch-backports) and CentOS (EL 7) there are now packages of Schleuder version 3.2.2 available to easily install and upgrade it. Please see the [installation instructions](https://schleuder.nadir.org/docs/#installation) for details on how to use the packages. For details about version 3.2.2 please read the [changelog](https://0xacab.org/schleuder/schleuder/blob/master/CHANGELOG.md#322-2018-02-06). 2018-02-06: **Schleuder 3.2.2 released!** This release fixes some minor bugs, e.g. with lingering dirmngr-processes, parsing keywords from big messages, and OpenPGP-keys with non-ASCII-characters. It also pins the "mail"-library to version 2.6, because 2.7 seems to have problems. For all details please see the [changelog](https://0xacab.org/schleuder/schleuder/blob/master/CHANGELOG.md#322-2018-02-06). |