[ANN] Typo 6.1.2 - critical security bugfix


Let’s awake this long dormant list with all our wishes for an awesome
year 2013. As you can see, the project is still alive, and we’re happy
to announce the release of Typo 6.1.2, which is the second of the Remi
Ochlik series.

This release fixes a critical Rails security breach. This breach has
been present in every Rails version so far, and may allow an attacker to
execute some arbitrary code on your host.

The easiest way to update a Typo blog is:

  1. Download Typo 6.1.2, http://typosphere.org/stable.tgz
  2. Copy the archive content on your host.
  3. Edit config/database.yml and fill in your database credential. If
    you’re using the MySQL adapter, you’ll have to switch to mysql2.
  4. Run “bundle install”
  5. Run rake db:migrate

Then, copy your theme, files etc… into your new Typo application.

Typo 6.1.2 also provides some new feature, such as native Heoku support,
and bug fixes. Please read the full release note on our blog:

In caes you want to try before you buy, you can test Typo 6.1.2 on our
demo site: http://demo.typosphere.org/

Have a great week-end,
Fred, Matijs, Yannick and Thomas.