Sage News

[edit] Sage News

Sage 1.3.9 was released in 17 November 2006. It is a maintenance release with several bugfixes.

pdp has discovered a vulnerability in Sage version 1.3.6 (8 September 2006). The attacker can exploit the vulnerability to inject and execute arbitrary HTML and script code in local zone by tricking a user into adding a malicious RSS feed and then viewing the content of it. See also a Secunia advisory. The vulnerabiblity was fixed in Sage 1.3.7.

Sage 1.3.5 just released by The Sage Project (19 June 2005).
This is a maintenance release that provides Deer Park compatibility and fixes an Atom parsing bug.

Create a new article Upload a new image
Recent changes Help	Random page Special pages Recent changes Random page