The XOOPS Core development team is pleased to announce that a patch addressing the vulnerability in the XoopsMediaUploader class has been released and is available in our Downloads Section
It contains three files:
/class/uploader.php - the new XoopsMediaUploader class, replacing the existing
/class/mimetypes.inc.php - a new file containing mimetypes and their extensions
/include/version.php - updates the version to 2.0.9.3
Upgrade Instructions: Upload the files to their respective folders, overwriting existing files.
Special thanks goes out to Pokleyzz for reporting this bug on sourceforge.net, to the Japanese community for reporting it a long time ago and to phppp for helping Skalpa addressing it. Also thank you to everyone testing this patch prior to its release.
Xoops 2.0.9.2 to 2.0.9.3 Patch (zip)
Xoops 2.0.9.2 to 2.0.9.3 Patch (tar.gz)
Mithrandir
Xoops Core Developer
It contains three files:
/class/uploader.php - the new XoopsMediaUploader class, replacing the existing
/class/mimetypes.inc.php - a new file containing mimetypes and their extensions
/include/version.php - updates the version to 2.0.9.3
Upgrade Instructions: Upload the files to their respective folders, overwriting existing files.
Special thanks goes out to Pokleyzz for reporting this bug on sourceforge.net, to the Japanese community for reporting it a long time ago and to phppp for helping Skalpa addressing it. Also thank you to everyone testing this patch prior to its release.
Xoops 2.0.9.2 to 2.0.9.3 Patch (zip)
Xoops 2.0.9.2 to 2.0.9.3 Patch (tar.gz)
Mithrandir
Xoops Core Developer
|
|
Login
Search
Recent Comments
Who's Online
Donat-O-Meter
| Stats | |
| Goal: | $100.00 |
| Due Date: | Apr 30 |
| Gross Amount: | $0.00 |
| Net Balance: | $0.00 |
| Left to go: | $100.00 |
 |
|