Pyramid 1.6a1 has been released.
A detailed "What's New in Pyramid 1.6" document is available at
<http://docs.pylonsproject.org/projects/pyramid/en/1.6-branch/whatsnew-1.6.html>
The documentation for the release is available at
<http://docs.pylonsproject.org/projects/pyramid/en/1.6-branch/> .
You can install it via PyPI:
easy_install Pyramid==1.6a1
Simultaneously, Pyramid 1.4.8 and Pyramid 1.5.6 were released. These
include a security fix for the JSONP renderer, which is of course also
in 1.6a1. The JSONP renderer created JavaScript code in such a way
that a callback variable could be used to arbitrarily inject javascript
into the response object. See
<https://github.com/Pylons/pyramid/pull/1626> for more information.
Enjoy, and please report any issues you find to the issue tracker at
<https://github.com/Pylons/pyramid/issues>
Thanks!
- C
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/d/optout.
