OpenProject 6.0.3 contains an important security fix. It upgrades the Rails version to 22.214.171.124 to address the following CVEs:CVE-2016-6317 CVE-2016-6316The following bugs have been fixed in OpenProject 6.0.3:
- The help and profile dropdown changed rapidly when hovering over them (#23745).
- Safari did not display the pagination buttons on the work package page (#23785).
- The projects-menu did not properly display all projects in some cases (#23774).
- Several design errors have been fixes (#23778, #23801).
- Additionally, the performance on the work package page has been slightly improved (#23781).
We strongly recommend the upgrade.Thanks a lot to the community, in particular to Mikhail Podshivalin, Frank Schmid and Marc Vollmer, for reporting multiple bugs
!For further information on the release, please refer to the Changelog v.6.0.3
or take a look at GitHub