Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: JUpload release 3.2.4 : security fix [Mandatory]  (Read 4226 times)

0 Members and 1 Guest are viewing this topic.

etienne_sf

  • Moderator
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 908
    • Wiki
JUpload release 3.2.4 : security fix [Mandatory]
« on: September 22, 2008, 09:05:21 pm »
Hi,

  Here is the announce for the 3.2.4 Release.

Security fix, mandatory to install when the PHP configuration parameter magic_quot_gpc is off (see phpinfo) and non trusted users may upload pictures.

The release is available here :
http://forum.coppermine-gallery.net/index.php?action=dlattach;topic=53168.0;attach=14119
and on my wiki:
http://etienne.lesgauthier.fr/wiki/doku.php?id=jupload_coppermine_download_gb


Release notes for 3.2.4:

Security fix:
- [Mandatory] Remove a possible SQL Injection for users allowed to upload files, when magic_quote_gpc is off on the PHP server.


Etienne
« Last Edit: October 16, 2008, 10:47:05 pm by etienne_sf »
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.014 seconds with 16 queries.