tDiary / News: Recent posts

On 10 December 2006, a eRuby injection vulnerability has been discovered in tDiary. tDiary development team fixed this and released fixed versions.

Affected versions
------------------------

* tDiary 2.0.3 (Stable release)
* tDiary 2.1.4.20061126 (Development release)

Fixed in
-----------

* tDiary 2.0.4 (Stable release)
* tDiary 2.1.4.20061210 (Development release)

You cannot get tDiary 2.1.4.20061210 from SF.net. You can fix this vulnerability by 2 ways.... read more

On 26 November 2006, a Cross-Site Scripting(XSS)' vulnerability has been discovered in tDiary. tDiary development team fixed this and released fixed versions.

Affected versions
------------------------

* tDiary 2.0.2 and older (Stable releases)
* tDiary 2.1.4.20061115 and older (Development release)

Fixed in
-----------

* tDiary 2.0.3 (Stable release)
* tDiary 2.1.4.20061126 (Development release) ... read more

On 20 July 2005, a 'Cross-Site Request Forgeries (CSRF)' vulnerability has been discovered in tDiary. tDiary development team fixed this and released fixed versions.

Affected versions
------------------------

* tDiary 2.0.1 and older (Stable releases)
* tDiary 2.1.1 (Development release)

Fixed in
-----------

* tDiary 2.0.2 (Stable release)
* tDiary 2.1.2 (Development release)

More information
------------------------... read more