roller-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anil Gangolli" <>
Subject Re: to Release Roller 2.3.1 (RC1)
Date Sun, 30 Jul 2006 15:51:16 GMT
+1 if it has been verified.  It's certainly safer than the earlier behavior.
If we have some sample attack texts, we should add that to the unit test for 


There was an issue raised with the search feature, where I could possibly 
learn cookies by publishing a constructed URL that invoked the search but 
also had embedded script.  Was that fixed as well?  If not, we should 
probably add a fix for that to the 2.3.1 release.


----- Original Message ----- 
From: "Dave Johnson" <>
To: <>
Cc: <>
Sent: Monday, July 24, 2006 7:34 AM
Subject: VOTE: to Release Roller 2.3.1 (RC1)

>I have prepared a release candidate for Roller 2.3.1 that fixes one issue:
> The release candidate files are available here:
> I think ROL-1196 is serious enough to justify "emergency bug fix
> release" status.
> - Dave

View raw message