Here is a new version for you, including security updates. I strongly recommend to upgrade your system.
Get the file from GitHub
The update is supported if you run a Bigace version between 2.7.2 - 2.7.7. Get the file from GitHub
The same old procedure like all the times before, described in our wiki ;-)
The IT security specialists from JPCERT/CC reported a possible Session fixation vulnerability originally found by Yuji Tounai. They sent me an email and gave me a lot of time to fix the problems, before releasing the security advisory. Thanks for the co-operation research team, very professional and responsible announcing policy!
What happened in between:
- Jira changelist
- Security fixes
Thanks to all of you for downloading Bigace 2.7.8 - which I want to dedicate to Oleg (the good soul of this release!).