Gravity 6.0.0-rc.4/5.6.4/5.5.12 Security Update

The following gravity versions are now available:

  • 6.0.0-rc.4
  • 5.6.4
  • 5.5.12

Bugfixes

  • Fix a security issue with insecure decompression of application bundles.
  • Fix a security issue that allowed remote code execution in the tele cli tool.
  • Fix a security issue with missing ACLs in internal API.
  • Fix a security issue with install scripts command injection.
  • Fix a security issue that allowed for two factor authentication to be bypassed.
  • Fix a security issue that allowed for cross-site scripting in Internet Explorer.

Warning

This release fixes security vulnerabilities within Gravity. Please see Gravity Enterprise Announcement for more information.