Jump to >
New Django 1.6.11.7 Security Releases

Django released a new set of security releases that protect against swamping a server when passing certain strings to a few different functions used for building URLs and truncating content. See their announcement for the details on the fixes.

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 3.0. We've put out a new Django 1.6.11.7 release that contains these fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

Or:

$ easy_install -U http://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

You can always keep up on the latest Review Board security announcements by subscribing to our Official Announcements mailing list, joining our Subreddit, or following us on Twitter.