Blue Sky On Mars

Thoughts on Building Software Products
January 10, 2006

Presentation tonight at the Michigan!/usr/group

by Kevin Dangoor

I’ll be presenting TurboGears tonight at the MUG meeting in Farmington Hills, Michigan. My plan is to do the live version of the “20 Minute Wiki”, newly modified for TurboGears 0.9. The 0.9 “20 Minute Wiki” is functionally equivalent to the 0.8 version, but the code is nicer.

Sorry for the late notice!

2 comments
January 10, 2006

TurboGears 0.8.8 security fix release

by Kevin Dangoor

I have just released TurboGears 0.8.8. The only change from 0.8.7 is the requirement of CherryPy 2.1.1.

The staticfilter of CherryPy 2.1.0 has a serious security flaw that would allow people to retrieve files from “..”. You should update as soon as possible:

Thanks to Remi Delon and the others on the CherryPy team for a fast fix and release on this issue!

2 comments