Vulnerability announcements: link) link)
This vulnerability is fixed by setting up proper var checks in tiki-setup_base.php. The release includes an updated version of that file, so you can secure your own tiki by just replacing that file with the current tiki-setup_base.php from cvs.

Note that the only other fix included in that release is about the italian language file that was broken in

-- mose