Dear TWiki administrator:
A new TWiki Release 4.0.4 is available for download. This is
a patch release that contains a fix for the latest security
alert on securing file uploads.
Please download the new release from:
http://twiki.org/cgi-bin/view/Codev/TWikiRelease04x00x04
____________________________________________________________
__
CHANGES AND UPGRADE:
If you have TWiki Release 4.0.3 installed, you can download
and install just the newer files contained in changed files.
This release contains very few changed files and no matter
which setting you have changed and tailorings you have made,
the -changed zip file should be 100% safe to copy on top of
your running TWiki 4.0.3 installation.
If you have TWiki Release 4.0.2 installed and still have not
upgraded to TWiki Release 4.0.3 you can either install a
full
new TWiki Release 4.0.4 or first upgrade to TWiki 4.0.3
using
the TWiki-4.0.3-changed.zip and then apply the much smaller
TWiki-4.0.4-changed.zip on top.
The -changed file is distributed only as a zip file. When
you
copy a zip file on to a Unix/Linux/BSD environment the new
files will have the default file access rights. The topic
TWiki.SettingFileAccessRightsLinuxUnix tells you how to
quickly restore access rights on your entire TWiki
directory.
IMPORTANT NOTE: Please review the security hotfix page
mentioned below, and secure your webserver so that uploaded
files cannot be executed. Securing the file uploads is done
in two layers: Webserver configuration (needs to be done
manually), and upload filter (included in 4.0.4 release and
changes file.)
Fixes:
* Item2578: SECURITY HOTFIX: Improved protection
against
attaching scripts that can be executed afterwords by
simple view (SecurityAlertSecureFileUploads)
* Item2568: Fix potential script error when attachment
twisty is removed
* Item2558: TWiki 4.0.3 distributed LocalSite.cfg.txt
uses incorrect syntax
* Item2546: Handmade twisty buttons has underline under
them
Security hotfix: Secure webserver to prevent script
execution of uploaded files (CVE-2006-3336),
http://twiki.org/cgi-bin/view/Codev/SecurityAl
ertSecureFileUploads
For details consult the download page at
http://twiki.org/cgi-bin/view/Codev/TWikiRelease04x00x04
and the known issues page at
http://twiki.org/cgi-bin/view/Codev/KnownIssuesOfT
Wiki04x00x00
To upgrade from the 04-Sep-2004 version follow the
instructions
in http://TWiki.org/cgi-bin/view/TWiki04/TWikiUpgradeGuide
____________________________________________________________
__
WHAT IS TWIKI:
TWiki is the leading open-sourced enterprise wiki and
pioneered wiki applications, small programs that foster
collaboration. TWiki extends the free-form world of wikis by
adding structure - content can be browsed, searched,
grouped,
categorized, filtered and access restricted. TWiki looks and
feels like a normal intranet or web site, and can be easily
modified through standard web browsers.
TWiki, with its server-side Plugin API, is a platform where
developers and non-programmers can build groupware
applications in an efficient way. Currently, more than 200
Plugins and add-ons can be added to TWiki, such as the
BlogPlugin that turns TWiki into a weblog tool. TWiki and
its extensions are available for download from the TWiki.org
website, http://TWiki.org/.
TWiki.org's mission is to provide a leading edge, web-based
collaboration platform targeting the corporate Intranet
world. TWiki.org, through TWiki, fosters information flow
within an organization; lets distributed teams work together
seamlessly and productively; and eliminates the
one-webmaster
syndrome of outdated intranet content. Founded in 1997 by
Peter Thoeny and managed by a team of open-source software
engineers around the world, the TWiki platform is installed
and used by thousands of companies including Google,
Motorola, SAP, and Yahoo! to increase the productivity of
their teams.
TWiki is developed by an active community and released as
Free Software under the GNU/GPL (General Public License).
TWiki (TM) is a trademark of Peter Thoeny.
____________________________________________________________
__
TWIKI DEVELOPMENT
We have a very active developer community. The place to
collaborate and brainstorm on TWiki development is at
http://tw
iki.org/cgi-bin/view/Codev/WebHome . ReadmeFirst
tells you about our development process. If interested you
can subscribe to the Codev web.
The development of TWiki extensions gained momentum over the
last 12 month, there are now more than 200 Plugins, Add-ons
and Contribs available. Check them out; to name a few,
ActionTrackerPlugin, BlackListPlugin, BlogPlugin,
CalendarPlugin, ChartPlugin, DBIQueryPlugin,
FormQueryPlugin,
HeadlinesPlugin, HistoryPlugin, ProjectPlannerPlugin,
TWikiDrawPlugin, SlideShowPlugin, SpreadSheetPlugin,
WysiwygPlugin, XpTrackerPlugin and more can be downloaded
from http://
twiki.org/cgi-bin/view/Plugins/WebHome
____________________________________________________________
__
TWIKI SUPPORT
The Support web at TWiki.org is available for people who
have
a technical questions or questions about TWiki deployment.
This support forum is for TWiki users by TWiki users. The
TWiki community keeps an eye on postings, but doesn't
necessarily answer questions. In practice, contributors and
users are actively discussing and helping out! Get TWiki
support at: http://
TWiki.org/cgi-bin/view/Support/WebHome
If you prefer IRC you can use the #twiki channel to get in
touch with TWiki developers.
You can also get commercial support to install, upgrade,
configure and deploy TWiki systems:
http://TWiki.org/cgi-bin/view/Codev/ConsultantsForHire
htt
p://TWiki.org/cgi-bin/view/Codev/CodersForHire
____________________________________________________________
__
TWIKI DEPLOYMENT AND ADVOCACY
TWiki is steadily growing in popularity. TWiki is mainly
used
behind corporate firewalls and is a mission critical system
in
major corporations such as Google, Motorola, Sun
Microsystems
and Yahoo! In case you installed TWiki on your server you
could list it at
http://TWiki.org/cgi-bin/view/Main/TWikiInstallation
Word of mouth is a good way of spreading TWiki - your
help is greatly appreciated! More exposure means more
contributions, and a better system! To promote TWiki in
magazines and web sites use the material in
http://twiki.org/cgi-bin/view/Codev/TWikiAdvocacy04x00x
00
Dan Woods and Peter Thoeny are working on a book titled
"Wikis in the Workplace: A Practical Guide to
Collaborating,
Creating Knowledge, and Sharing Information". The book
will
be good PR for TWiki. Read more
at http://twiki.org/cgi-bin/view/Codev/WikisInTheWorkpla
ceBook
____________________________________________________________
__
** REQUEST FOR PAPER! **
If you have a successful deployment of TWiki, we would
really
appreciate if you could support the TWiki project by writing
a TWiki success story. This helps in promoting the platform,
leading to more input, and a continuously improving product!
More on this at:
http://TWiki.org/cgi-bin/view/Main/TWikiSuccessStories
Last but not least, thanks for contributing many ideas,
code,
docs, quality and more. We have a thriving TWiki.org
community!
Best regards and happy TWiki'ing; on behalf of the TWiki
development community,
Peter Thoeny and Kenneth Lavrsen
--
* Peter Thoeny Peter StructuredWikis.com
* http://StructuredWikis.com
- bringing wikis to the workplace
* http://TWiki.org - is
your team already TWiki enabled?
* Knowledge cannot be managed, it can be discovered and
shared
* This e-mail is: (_) private (_) ask first (x)
public
Using Tomcat but need to do more? Need to support web
services, security?
Get stuff done quickly with pre-integrated technology to
make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on
Apache Geronimo
http://sel.as-us.falkag.net/
sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
twiki-announce mailing list
twiki-announcelists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/twiki-an
nounce
|