[Slashcode-announce] Slash 2.2.5 Released

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Slash 2.2.5 is released.  It is strongly recommended that you upgrade from
version 2.2.0 through 2.2.4.  This release fixes a cross-site scripting
vulnerability which could be used to obtain passwords or other private
information from both users and admins.

To upgrade from 2.2.x, unpack the 2.2.5 tarball and "make install," then
restart Apache and the slashd daemon.  The 2.2.5 tarball can be found at
<http://sourceforge.net/projects/slashcode/>.

(Upgrading from 2.2.2 also entails some extremely minor SQL changes;
from 2.2.1 you must update the template header;misc;default; from
2.2.0 also update the template displayForm;submit;default; from 2.2.4
update the template messages;users;default.)

Earlier versions of Slash are also affected.  If you are running
Slash 2.0.x or 1.0.x and are unable to upgrade to 2.2.5 at this
time, patches are available.

    http://slashcode.com/article.pl?sid=02/02/07/1624221

-- 
Chris Nandor                      pu...@po...    http://pudge.net/
Open Source Development Network    pu...@os...     http://osdn.com/