21 lines
942 B
Markdown
21 lines
942 B
Markdown
---
|
|
layout: news_item
|
|
title: "Jekyll 1.1.2 Released"
|
|
date: "2013-07-25 09:08:38 +0200"
|
|
author: parkr
|
|
version: 1.1.2
|
|
categories: [release]
|
|
---
|
|
|
|
Version 1.1.2 fixes a minor, but none-the-less important security vulnerablity affecting several third-party Jekyll plugins. If your Jekyll site does not use plugins, you are may, but are not required to upgrade at this time.
|
|
|
|
Community and custom plugins extending the `Liquid::Drop` class may inadvertantly disclose some system information such as directory structure or software configuration to users with access to the Liquid templating system.
|
|
|
|
We recommend you upgrade to Jekyll v1.1.2 immediately if you use `Liquid::Drop` plugins on your Jekyll site.
|
|
|
|
Many thanks for [Ben Balter](http://github.com/benbalter) for alerting us to the problem
|
|
and [submitting a patch][1349] so quickly.
|
|
|
|
[230]: https://github.com/Shopify/liquid/pull/230
|
|
[1349]: https://github.com/mojombo/jekyll/issues/1349
|