JUpload release 3.2.4 : security fix [Mandatory] JUpload release 3.2.4 : security fix [Mandatory]
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

JUpload release 3.2.4 : security fix [Mandatory]

Started by etienne_sf, September 22, 2008, 09:05:21 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

etienne_sf

September 22, 2008, 09:05:21 PM Last Edit: October 16, 2008, 10:47:05 PM by etienne_sf
Hi,

  Here is the announce for the 3.2.4 Release.

Security fix, mandatory to install when the PHP configuration parameter magic_quot_gpc is off (see phpinfo) and non trusted users may upload pictures.

The release is available here :
http://forum.coppermine-gallery.net/index.php?action=dlattach;topic=53168.0;attach=14119
and on my wiki:
http://etienne.lesgauthier.fr/wiki/doku.php?id=jupload_coppermine_download_gb


Release notes for 3.2.4:

Security fix:
- [Mandatory] Remove a possible SQL Injection for users allowed to upload files, when magic_quote_gpc is off on the PHP server.


Etienne
Print
Go Up Pages1
User actions