Coppermine maintenance release cpg1.4.4 - upgrade as soon as possible

[Joachim Müller]

Hello all,

due to the security issues discovered recently that exist in all coppermine versions up to and including cpg1.4.3 (see hotfix thread "Patch for Coppermine 1.4.3 remote code execution - Update NOW!") the coppermine dev team has released cpg1.4.4 as a maintenance release. If you haven't applied the above mentioned hotfix it's mandatory to upgrade your install as soon as possible. Users who already have applied the hotfix are safe against the vulnerability, yet it is still recommended to upgrade to cpg1.4.4, as the maintenance release contains various minor bug fixes that are not security-related.

The new package cpg1.4.4 contains the most recent language files as well as improved doumentation.
Instructions how to upgrade your coppermine version are included in the documentation as well that comes with the package (inside the docs folder) and that are available online as well (link "documentation") at the top of this page.

Download cpg1.4.4: http://prdownloads.sourceforge.net/coppermine/cpg1.4.4.zip?download

Please do not reply to this thread for individual support issues, but only with general questions related to the release itself.

Joachim
- coppermine project manager -

[kramme]

GauGau wrote:
The new package cpg1.4.4 contains the most recent language files as well as improved doumentation.


Question from Kramme: How near is a danish translation for ver. 1.4.4 ? Do you know anything about a possible danish translater ?

[Nibbler]

Check the translations thread.

http://forum.coppermine-gallery.net/index.php?topic=20355.0

[Tiffany]

 just follow the documenation to do the update of my gallery 1.3.5 to 1.4.4, but after I do the updated, it's just a blank page now     You can check my gallery page at www.kvhk-entertainment.com/gallery
Any suggestons are really appreciated.

Sorry, wrong post.  Please delete it for me.

[Nibbler]

Please do not reply to this thread for individual support issues, but only with general questions related to the release itself.

[Chickenkicker]

Quick note, in the fix for 1.4.3 patch for remote code execution it states edit docs/showdocs.php  Sorry, but in my install the filename is showdoc.php
I edited that file, no showdocs.php in my docs directory... Hope others figured this out..

[Tigger88]

I just want to make sure before I download and install this that I am not going to lose everything that is already in my gallery since I am currently using cpg 1.3.3.

[Nibbler]

There are update instructions provided.

[FilipSupera]

I made a better translation in French (which is my first language) and made it HTML compatible to avoid problems with accents.

The file is available there :

http://www.libre-essai.net/album-photo/french.php.zip

[Joachim Müller]

using html equivalents like è is not recommended when using utf-8. You could have converted the regular language file to iso8859-1 instead. We appreciate your willingness to contribute, but we can't recommend the usage of the file.

[zamirzamir]

In the read me file it says

Coppermine as a fresh, stand-alone (non-upgrade) install. (If you are trying to upgrade from a previous installation of coppermine, you already know what to do - RTFM.) Ready?


What if I dont know, please provide a link for UPDATE instractions, I wouldnt want to loose my files out of mistake.

[kegobeer]

In the read me file it says

Coppermine as a fresh, stand-alone (non-upgrade) install. (If you are trying to upgrade from a previous installation of coppermine, you already know what to do - RTFM.) Ready?


What if I dont know, please provide a link for UPDATE instractions, I wouldnt want to loose my files out of mistake.

Read the documentation.  Complete instructions are provided in every Coppermine release.

[scrapgranny]

Maybe you could just point us in the right direction to FIND the upgrade instructions because I sure can't find them.

Thanks

[Nibbler]

Look at the top of your screen, click on the word 'Documentation' and read the section '3.5 Upgrading from cpg1.4.0 (or better) to version cpg1.4.4'

[easykey]

Upgraded to 1.4.4 a couple of weeks ago and my Server Administrators have just called me to say that the new 1.4.4 had a security compromise last night so they closed my web space down!!

[Nibbler]

You'll have to take that up with them.

[easykey]

Who?  My dedicated server guys or Coppermine?

[Joachim Müller]

don't discuss your individual issues on this announcement thread. Ask your webhost what the actual issue they claim to be coppermine-related is. Start your own thread on the support board for further discussion, don't clutter this one with unrelated stuff.

[easykey]

I'm sorry you feel this thread is irrelevant
However, I was advised to update from 1.4.3 to 1.4.4 as this maintenance release was to prevent the compromise we experienced on our servers.

Despite installing the Coppermine maintenance release cpg1.4.4  we have been compromised again

My point is I wondered whether anyone else had experienced security breaches with this release?

I will post up general details of the latest vulnerability when I get them

The reason I posted it here was because this thread is a direct link from the main site - entitled Maintenance release cpg1.4.4 fixes security issues - Update NOW!

[Joachim Müller]

I repeat: stop replying to this thread! You just posted unusable complaints like

to prevent the compromise we experienced on our servers.

- that doesn't say anything.

Like I said: start your own thread - I will delete all future replies you make to this one. Post what actually happens, be as detailed as possible, with links, error messages, log details and the whole enchillada.