05 Jul '12, 3pm

Important Security Updates

Posted July 05, 2012 by GeekOnCoffee

We have just released several new versions of Spree which contain important security fixes. A vulnerability exists in Product Scopes that could allow for unauthenticated remote command execution. There is also a potential XSS vulnerability related to the analytics dashboard. Finally, the new releases also upgrade to the latest version of Rails, which includes additional security fixes that were addressed by the Rails team.

The remote command execution vulnerability is quite serious and affects all versions of Spree. You should upgrade to one of the following secure versions of Spree immediately: 0.11.4, 0.70.6, 1.0.5 or 1.1.2.

Thanks to joernchen from Phenoelit and Michael Bianco from Ascension Press for bringing these issues to our attention.

If you believe you’ve found a security vulnerability, please do not post publicly ab...

Full article: http://spreecommerce.com/blog/2012/07/05/security-issue-a...

Tweets

Well, why? Why am I not surprised security vul...

spreecommerce.com 12 Jul '12, 7am

Posted July 05, 2012 by Andrew Hooker. We have just released several new versions of Spree which contain important...

New blog post: join in our on-going spree

singaporesales.sg 05 Jul '12, 2am

we are now registered in singapore so now you can shop with trust join our spree from forever21,carter,juicy,katespade,coa...

Complete jerks think fracking is more important than democracy This is an amazing story.

grist.org 05 Jul '12, 3pm

The North Carolina State Capitol, where “democracy” happens. (Photo by Jim Bowen.) Becky Carney, a member of the North Ca...

British government deploying sizable military to reinforce Olympic security #TechNews

element14.com 05 Jul '12, 3pm

The British Parliament is going ‘all-out’ with security at this year’s (2012) Olympic Games being held in London. The gove...

Need some advice on internet security? Make sur...

123-reg.co.uk 17 Jul '12, 10am

We’d like to think we’re all wise to these now, but opening up that email bleary-eyed first thing in the morning you may n...

New blog post : Quick updates!

rinaz.net 03 Jul '12, 10am

Last week was Cart’s birthday. Because of the heatwave going on in Rome, we preferred to stay indoors. It was a very simpl...

Jaguar Deftly Updates XF for 2012, Unveils XF Sportbrake for the U.K.

robbreport.com 04 Jul '12, 7am

It’s a testament to the mechanical excellence and enduring beauty of Jaguar’s XF that five years after its debut it remai...

Updates Blogshop @ JustSpree

blogshop.justspree.com 01 Jul '12, 8am

The following is an excerpt from "Updates". Note: Items are offered by individual blogshop owner. JustSpree does not sell ...

The Single Most Important Issue YOU Face in the...

ricksblog.com 12 Jul '12, 11am

What I write on my blog is only half of the story. You, the commenter, provide the other half. I open up an issue and you ...

Eating in, eating out – food updates: Eating in, eating out – food updates. Posted at June 26, 2012 ... This is

suanie.net 08 Jul '12, 5am

Finally had the chance to try this as I’ve been reading lots of good things about it. I’ve not shut up telling everyone ab...