An important security bug has been detected in Cotonti 0.6.x that might affect some sites with magic_quotes_gpc=Off. That's why today we have released 0.6.9 which fixes this bug and also improves our security and authentication mechanisms as requested by the community. Here are the changes:
- An important security fix and improvements for the rc.php static resource compressor
- Authentication security and stability improvement backported from Siena
- Anti-XSS improvement backported from Siena
- Authentication support for multi-domain sites (with "remember me")
This update is strongly recommended,
download it now. Note: right after the update all users will have to relogin into the site.
If you wonder about Siena, it is still under heavy development.
Поблагодарили: 12 раз
Does it mean that if they do it later, they won't be able to log in?
Поблагодарили: 263 раза
Поблагодарили: 6 раз
Поблагодарили: 263 раза
look here: http://trac.cotonti.com/ticket/505
Поблагодарили: 263 раза