Spree Commerce

Try It Now

Spree 0.70.5 Released

Posted on March 15, 2012 by Sean Schofield

Spree 0.70.5 has been released. The primary purpose of this release is to address a recently discovered security vulnerability which under certain circumstances allows any authenticated user to read the contents of another user’s order.

Please see the Github compare for a complete list of changes in this release. Due to this issue and other previously announced vulnerabilities you should upgrade to this version of Spree if you are running a previous 0.70.x version of Spree.