Vienna 2.3.2 Security Update

[jeff_johnson_dev]

The development team has officially released Vienna 2.3.2. You can download it using the "Check For Updates" menu item in Vienna or from our web site.

Vienna 2.3.2 is a security update. All Vienna users should update to version 2.3.2 as soon as possible. There is a potential security vulnerability if you attempt to delete a maliciously crafted subscription. This vulnerability was discovered and reported to the Vienna team by the security researcher Julien Bachmann. Please note that there are no known exploits of the vulnerability in the wild, so if you update now, you should be safe.

Vienna 2.3.2 also includes a few non-security fixes:

• Fix for http://sourceforge.net/tracker/index.php?func=detail&aid=2724576&group_id=142635&atid=753018: If network is down, URL tab information is lost. (Patch from Benedict Cohen)
• For for http://sourceforge.net/tracker/index.php?func=detail&aid=2381168&group_id=142635&atid=753018: Keychain issues with https.
• When switching back and forth from a tab, maintain the selected user interface item in the tab.

[jeff_johnson_dev]

As a follow-up, we have just officially released Vienna 2.3.3, which fixes a crash in the Preferences panes introduced in Vienna 2.3.2.

We apologize for the problem. Vienna 2.3.2 was a security update, so we needed to get a release out as soon as possible and didn't have a chance to do beta testing for that version.

[jeff_johnson_dev]

Another day, another update, sorry! Vienna 2.3.4 fixes a Preferences pane crash that occurs if you try to change the default RSS reader or the downloads folder.