Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: cpg1.5.48 Security release - upgrade mandatory!  (Read 68033 times)

0 Members and 2 Guests are viewing this topic.

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
cpg1.5.48 Security release - upgrade mandatory!
« on: December 21, 2018, 08:55:42 pm »

The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

How to update:
Users running versions prior to 1.5.48 should update immediately by downloading the latest version from the download page and following the upgrade steps in the documentation.

Support:
If you have problems with this update, please use the Update support board. Do not post your issues to this announcement thread - your post will be deleted without notice.

Why was cpg1.5.48 released?
The release covers a recently discovered reflected XSS vulnerability.

Additionally, cpg1.5.48 includes fixes for the following non-security related issues:
  • Added support for custom MySQL server port to vBulletin bridge (thread)
  • Updated Japanese language file (user contribution)
  • Fixed white screens with low privileged users clicking into open albums when using theme "curve" (thread)
Thanks to the Netsparker team for discovering the vulnerability.


The Coppermine Team
« Last Edit: December 21, 2018, 09:36:46 pm by Αndré »
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: cpg1.5.48 Security release - upgrade mandatory!
« Reply #1 on: December 21, 2018, 08:55:48 pm »

Users running PHP 4, please read this.
Logged

John Zelada

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Re: cpg1.5.48 Security release - upgrade mandatory!
« Reply #2 on: May 06, 2020, 10:22:03 pm »

Has there been another update to date?
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4885
    • Windsurf.me
Re: cpg1.5.48 Security release - upgrade mandatory!
« Reply #3 on: May 09, 2020, 03:00:36 pm »

The current project is the 1.6.x line. The 1.5.x line is maintenance only.
Logged
It is a mistake to think you can solve any major problems just with potatoes.
Pages: [1]   Go Up
 

Page created in 0.018 seconds with 20 queries.