Cotonti / Open Source PHP Content Management FrameworkContent Management Framework

Security update for Genoa

Новини / Оголошення / Security update for Genoa

0.6.9 comes with security improvements

An important security bug has been detected in Cotonti 0.6.x that might affect some sites with magic_quotes_gpc=Off. That's why today we have released 0.6.9 which fixes this bug and also improves our security and authentication mechanisms as requested by the community. Here are the changes:
  • An important security fix and improvements for the rc.php static resource compressor
  • Authentication security and stability improvement backported from Siena
  • Anti-XSS improvement backported from Siena
  • Authentication support for multi-domain sites (with "remember me")

This update is strongly recommended, download it now. Note: right after the update all users will have to relogin into the site.

If you wonder about Siena, it is still under heavy development.

1. tensh  16.07.2010 20:25

Thanks: 0

What does it mean:
"right after the update all users will have to relogin into the site."

Does it mean that if they do it later, they won't be able to log in?
2. Trustmaster  16.07.2010 21:05

Thanks: 0

No it doesn't mean anything of that kind. It only means that their current session will be cancelled.
3. Oughtem  20.07.2010 03:47

Thanks: 0

На русском бы...
4. Trustmaster  20.07.2010 22:09

Thanks: 0

Russian version of the news post
5. donP  22.07.2010 22:34

Thanks: 0

I've opened a new tiket, cause the header.php change has a defect...
look here:
6. Trustmaster  23.07.2010 16:50

Thanks: 0

Fixed in r1256, the download has been repackaged.

Всього: 6, на сторінці: 6

Додавання комментарів доступно лише зареєстрованим користувачам