New Rails vulnerability affects Redmine 1.4.7
A new Rails vulnerability (CVE-2013-0333) has been discovered and affects those who are still using Redmine 1.4.7. In order to upgrade to the Rails version that fixes this vulnerability, you can apply the attached patch (redmine-1.4.7.patch) then run `bundle update rails`
.
Redmine 2.1.6 and 2.2.2 are not affected by this vulnerability.
Comments