#42 ✓resolved
Walter McGinnis

Apply patch for REXML Security Vulnerability

Reported by Walter McGinnis | August 25th, 2008 @ 01:53 PM | in 1.1

http://weblog.rubyonrails.com/20...

Apply the patch outlined in the above blog post to Kete master which is based on Rails 2.1.

Cheers, Walter

Comments and changes to this ticket

  • Kieran P

    Kieran P August 26th, 2008 @ 11:39 AM

    • State changed from “new” to “resolved”

    The patch file provided on the weblog has been pushed to master branch, and should take effect on installations after the next update/mongrel restart.

  • Walter McGinnis

    Walter McGinnis August 26th, 2008 @ 11:50 AM

    You'll want to adjust the upgrade guide on Kete.net.nz to include mention of any extra steps necessary (installation of gem?).

    Cheers, Walter

    On Aug 26, 2008, at 11:39 AM, Lighthouse wrote:

  • Kieran P

    Kieran P August 26th, 2008 @ 11:54 AM

    The gem is only needed if you don't want to add an initializer (which is quicker and easier). The only thing needed is to update codebase like normal (nothing special, is there any point mentioning this?)

    Or would you prefer the gem? (its the same code, and you still have to edit environment.rb to load the file)

  • Walter McGinnis

    Walter McGinnis August 26th, 2008 @ 12:00 PM

    No, lets go with the initializer since it is nice and self contained.

    Go ahead and resolve this ticket if it got reopened.

    Cheers, Walter

    On Aug 26, 2008, at 11:55 AM, Lighthouse wrote:

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Kete was developed by Horowhenua Library Trust and Katipo Communications Ltd. to build a digital library of Horowhenua material.

People watching this ticket

Pages