hi list,
we just released a new version of instiki - version 0.12
that is
mainly a bugfix release. We recommend all instiki Users to
upgrade.
In this version, some security holes where fixed
- An XSS vulnerability in categories
- An XSS vulnerability in <nowiki>
- fixes that Instiki allows "dangerous"
operations as HTTP GETs
as well as some other small improvements.
- fixes for instiki running on mongrel
- fixes for instiki running on mongrel_cluster
Jacques Distler's fixes are included as well.
small bugs as well. A note to Mac OSX users: use the Ruby
One-Click-Installer
for OSX ( http://rubyosx.com ) or make
sure you are not running into problems
with sqlite (see http://instiki.5uper.net/instiki/show/SQLite+issues+on
+OSX)
also, the website is up again, on a new host. We are
planning on
creating a mirror for instiki.org so long downtimes cannot
happen
again. If somebody can help with such a mirror, please
reply.
There are still some issues in 0.12 that need to be checked
and fixed,
so we are basically trying to get 0.13 out soon (any help
welcome).
There is a known issue when running instiki only on mongrel.
If you
experience a problem like "Superclass mismatch for
class Cookie",
please create your wiki via Webrick, then you can switch to
mongrel.
(we need to take a look at that)
For all the people that want to help out or still have
instiki patches
to commit - please drop me a mail or directly send me the
files!
regards,
matthias
--
matthias tarasiewicz
http://mutti.jp
http://parasew.com
_______________________________________________
Instiki-users mailing list
Instiki-users rubyforge.org
h
ttp://rubyforge.org/mailman/listinfo/instiki-users
|