Cotonti / Open Source PHP Content Management FrameworkContent Management Framework

Security update for Genoa

News / Ankündigungen / Security update for Genoa

0.6.9 comes with security improvements

An important security bug has been detected in Cotonti 0.6.x that might affect some sites with magic_quotes_gpc=Off. That's why today we have released 0.6.9 which fixes this bug and also improves our security and authentication mechanisms as requested by the community. Here are the changes:
  • An important security fix and improvements for the rc.php static resource compressor
  • Authentication security and stability improvement backported from Siena
  • Anti-XSS improvement backported from Siena
  • Authentication support for multi-domain sites (with "remember me")

This update is strongly recommended, download it now. Note: right after the update all users will have to relogin into the site.

If you wonder about Siena, it is still under heavy development.

1. tensh  16. Juli 2010, 20:25

Thanks: 0

What does it mean:
Trustmaster:
"right after the update all users will have to relogin into the site."

Does it mean that if they do it later, they won't be able to log in?
2. Trustmaster  16. Juli 2010, 21:05

Thanks: 0

No it doesn't mean anything of that kind. It only means that their current session will be cancelled.
3. Oughtem  20. Juli 2010, 03:47

Thanks: 0

На русском бы...
4. Trustmaster  20. Juli 2010, 22:09

Thanks: 0

Russian version of the news post
5. donP  22. Juli 2010, 22:34

Thanks: 0

I've opened a new tiket, cause the header.php change has a defect...
look here: http://trac.cotonti.com/ticket/505
6. Trustmaster  23. Juli 2010, 16:50

Thanks: 0

Fixed in r1256, the download has been repackaged.

Insgesamt: 6, auf Seite: 6

Nur registrierte Benutzer können Kommentare schreiben