The open source TWiki community just released TWiki-5.1.4. It can be downloaded immediately from TWiki.org and SourceForge.net. The TWiki-VM, a VMware based virtual machine has been updated as well.
This latest patch release fixes a number of bugs and has some incremental enhancements. Most importantly, it incorporates a fix for the Security Alert CVE-2013-1751, where the MAKETEXT variable allowed arbitrary shell command execution using the tilde (~) character. This is a followup to the CVE we issued in December.
Details at TWiki.org blog http://bit.ly/twRel514
-- Peter Thoeny, founder TWiki.org
Log in to post a comment.