We've just built Darga-3. This release contains bug fixes, numerous UI tweaks, and stabilization.
- It was found that the CloudForms web UI did not properly filter input in
certain fields. A remote, authenticated attacker could use this flaw to execute
arbitrary code on the system running CloudForms. (CVE-2016-5383)
This issue was discovered by Eric Hayes (Red Hat).
and here is the complete summary of fixes in darga-3:
The GA announcement
remains the best summary of changes since Capablanca.
So, go ahead and download Darga-3.
For questions or support,
join in on the talk page.
This is a companion discussion topic for the original entry at http://manageiq.org/blog/2016/08/Announcing-Darga-3/