JUpload release 3.2.4 : security fix [Mandatory] JUpload release 3.2.4 : security fix [Mandatory]
 

News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

JUpload release 3.2.4 : security fix [Mandatory]

Started by etienne_sf, September 22, 2008, 09:05:21 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

etienne_sf

September 22, 2008, 09:05:21 PM Last Edit: October 16, 2008, 10:47:05 PM by etienne_sf
Hi,

  Here is the announce for the 3.2.4 Release.

Security fix, mandatory to install when the PHP configuration parameter magic_quot_gpc is off (see phpinfo) and non trusted users may upload pictures.

The release is available here :
http://forum.coppermine-gallery.net/index.php?action=dlattach;topic=53168.0;attach=14119
and on my wiki:
http://etienne.lesgauthier.fr/wiki/doku.php?id=jupload_coppermine_download_gb


Release notes for 3.2.4:

Security fix:
- [Mandatory] Remove a possible SQL Injection for users allowed to upload files, when magic_quote_gpc is off on the PHP server.


Etienne
Print
Go Up Pages1
User actions