From 6db1f188647d766b189a52bfe4f3b2c87b7abcd8 Mon Sep 17 00:00:00 2001
From: zooko <>
Date: Fri, 24 Aug 2007 16:43:24 +0000
Subject: [PATCH] announce Tahoe v0.5.1

[Imported from Trac: page News, version 20]
---
 News.md | 26 +++-----------------------
 1 file changed, 3 insertions(+), 23 deletions(-)

diff --git a/News.md b/News.md
index 9e27d25..c454842 100644
--- a/News.md
+++ b/News.md
@@ -2,31 +2,11 @@
 
 ## Latest News
 
-### 2007-08-21 -- security flaw
+### 2007-08-23 -- Allmydata Tahoe v0.5.1 released!
 
-Nathan Wilcox has discovered that the new web API in allmydata-tahoe
-version 0.5 is vulnerable to XSRF attack.  An XSRF -- or "Cross-Site
-Reference Forgery" attack -- is one in which an attacker creates an 
-innocuous-looking hyperlink, and if a user clicks on that hyperlink 
-then it causes deletion or theft of the user's data.  We are working 
-on a fix for this problem, and in the meantime if you have stored any 
-private or precious data on a tahoe grid, then you can make sure that 
-you are not exposed to this threat by shutting down your tahoe node
-before browsing the web. 
+This fixes a security flaw in Tahoe v0.5.0.
 
-You can read more about the attack and our fix in the mailing list archves:
-
-<http://allmydata.org/pipermail/tahoe-dev/>
-
-and in this bug tracker ticket:
-
-<http://allmydata.org/trac/tahoe/ticket/98>
-
-### 2007-08-17 -- Allmydata Tahoe v0.5 released!
-
-This version adds a RESTful API allowing you to program your Tahoe node in the language of your choice, as well as a command-line API in the Unix style, and some performance improvements. 
-
-Please see [the Release Notes]source:relnotes.txt@1129.
+Please see [the Release Notes]source:relnotes.txt@1154.
 
 ## Old News