We've just released two new versions of Review Board: 2.0.23 and 2.5.4. Both contain a number of bug fixes and other improvements, along with fixes for two small self-XSS vulnerabilities.
Security Fixes
The self-XSS vulnerabilities can cause a user to intentionally or unintentionally execute JavaScript code by crafting just the right kind of text in the review request or review dialog fields. These do not persist, cannot be triggered by external users, and cannot affect other users.
These were caused by a bad timing issue that resulted in user-inputted text being briefly considered as safe HTML. A user is unlikely to hit this, and likely will only hit it accidentally, but we recommend that everyone updates to this release as a precaution.
Thanks to "Secfathy" for reporting the self-XSS in the review dialog! We take security seriously, so if you find a vulnerability, please report it responsibly!
New Additions and Fixes
Security fixes aside, we've made a number of improvements in both of these releases:
- Support for JavaScript unit tests for extensions
- Settings for configuring the static media URL.
- Support for using modern versions of stunnel with Perforce.
- Compatibility fixes for Subversion with Beanstalk
- Stale cache fixes for Git diffs when changing the raw file URL mask.
- Information on support options and the current active support contract (if any) in the administration dashboard.
Those are just a few of the improvements! See the release notes for the rest: