JUpload release 3.2.4 : security fix [Mandatory] JUpload release 3.2.4 : security fix [Mandatory]
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

JUpload release 3.2.4 : security fix [Mandatory]

Started by etienne_sf, September 22, 2008, 09:05:21 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

etienne_sf

September 22, 2008, 09:05:21 PM Last Edit: October 16, 2008, 10:47:05 PM by etienne_sf
Hi,

  Here is the announce for the 3.2.4 Release.

Security fix, mandatory to install when the PHP configuration parameter magic_quot_gpc is off (see phpinfo) and non trusted users may upload pictures.

The release is available here :
http://forum.coppermine-gallery.net/index.php?action=dlattach;topic=53168.0;attach=14119
and on my wiki:
http://etienne.lesgauthier.fr/wiki/doku.php?id=jupload_coppermine_download_gb


Release notes for 3.2.4:

Security fix:
- [Mandatory] Remove a possible SQL Injection for users allowed to upload files, when magic_quote_gpc is off on the PHP server.


Etienne
Print
Go Up Pages1
User actions