Spree 0.70.5 Released

Posted March 15, 2012 by Sean Schofield Comments

Spree 0.70.5 has been released. The primary purpose of this release is to address a recently discovered security vulnerability which under certain circumstances allows any authenticated user to read the contents of another user’s order.

Please see the Github compare for a complete list of changes in this release. Due to this issue and other previously announced vulnerabilities you should upgrade to this version of Spree if you are running a previous 0.70.x version of Spree.

release, security

blog comments powered by Disqus
 Subscribe via RSS

Archives

About Spree Commerce

Spree Commerce is an open source e-commerce solution created by Sean Schofield. Spree is supported by the open source community as well as the sale of our commercial products.

Take it for a test drive

You can even create your own personal store.

Try the demo

This project is maintained by a core team of developers and is freely available for commercial use under the terms of the New BSD License.

Spree, Spree Commerce and the Spree logo are all trademarks of Spree Commerce, Inc.