Is there an updated release date for stable 0.9 .. or general time frame (no rush or pressure, we are just trying to plan around it)....thanks..
On 2/6/10, [email protected] <[email protected]> wrote: > Send StatusNet-dev mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.status.net/mailman/listinfo/statusnet-dev > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of StatusNet-dev digest..." > > > Today's Topics: > > 1. Re: StatusNet security update - 0.7.5, 0.8.3 releases coming > today (Greg Clute) > 2. announcement list (was Re: StatusNet security update - 0.7.5, > 0.8.3 releases coming today) (Evan Prodromou) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 5 Feb 2010 22:34:39 -0700 > From: Greg Clute <[email protected]> > Subject: Re: [StatusNet-dev] StatusNet security update - 0.7.5, 0.8.3 > releases coming today > To: Brion Vibber <[email protected]> > Cc: [email protected] > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1 > > Is there a list we can subscribe to get notified of security updates? > I'd like to have them forwarded to an email I check more often. > > -Greg Clute > > On Mon, Feb 1, 2010 at 10:15 AM, Brion Vibber <[email protected]> wrote: >> Download links will be added to the alert page: >> http://status.net/wiki/Security_alert_0000002 >> >> --------- >> >> All release versions of StatusNet (0.7.x, 0.8.x, 0.9.x) are subject to a >> local file include vulnerability that makes it possible for an attacker to >> read arbitrary files on the file system. The vulnerability is in the >> online >> documentation system. >> >> Additionally, beta versions of StatusNet (0.9.x) are subject to a local >> file >> include vulnerability in the system for sharing uploaded files in a >> private >> site. >> >> Thanks to Mark Piper for identifying the first vulnerability and to Brion >> Vibber for finding the similar second one. >> >> == News == >> * 1 Feb 2010 09:00AM EST - vulnerability reported. >> * 1 Feb 2010 10:30AM EST - vulnerability confirmed. >> * 1 Feb 2010 12:00PM EST - fixes pushed to 0.7.x, 0.8.x, 0.9.x, master, >> testing branches in Git. >> * 1 Feb 2010 12:00PM EST - fixes pushed to status.net cloud service and >> applied to all sites including identi.ca. >> >> == Fix == >> >> Currently fixes are available in all branches of the project on gitorious. >> >> New releases of all branches will be made available this afternoon EST. >> >> --------- >> >> >> -- brion vibber (brion @ status.net) >> Senior Software Architect >> StatusNet, Inc. >> San Francisco >> _______________________________________________ >> StatusNet-dev mailing list >> [email protected] >> http://lists.status.net/mailman/listinfo/statusnet-dev >> > > > ------------------------------ > > Message: 2 > Date: Sat, 06 Feb 2010 11:16:00 +0100 > From: Evan Prodromou <[email protected]> > Subject: [StatusNet-dev] announcement list (was Re: StatusNet security > update - 0.7.5, 0.8.3 releases coming today) > To: Greg Clute <[email protected]> > Cc: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Greg Clute wrote: >> Is there a list we can subscribe to get notified of security updates? >> I'd like to have them forwarded to an email I check more often. > We probably should have an announcement mailing list just for this kind > of message. > > -Evan > > -- > Evan Prodromou > CEO, StatusNet, Inc. > [email protected] - http://identi.ca/evan - +1-514-554-3826 > > > > ------------------------------ > > _______________________________________________ > StatusNet-dev mailing list > [email protected] > http://lists.status.net/mailman/listinfo/statusnet-dev > > End of StatusNet-dev Digest, Vol 20, Issue 6 > ******************************************** > -- Shlomo Wollins [email protected] Israel Cell: 054-7388-054 ----------------------------------------------------- WeJew.com - Founder The Jewish Video Megasite Launched May 2007 http://www.WeJew.com VeoBuild.com - Founder Strategic Internet Development Launched December 2009 http:///www.VeoBuild.com ----------------------------------------------------- Follow Us On Twitter http://www.twitter.com/wejew _______________________________________________ StatusNet-dev mailing list [email protected] http://lists.status.net/mailman/listinfo/statusnet-dev
