Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: MiniCMS - Security Concerns  (Read 8543 times)

0 Members and 1 Guest are viewing this topic.

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1545
  • aka 'i-imagine'
    • Home Page
MiniCMS - Security Concerns
« on: October 28, 2009, 04:05:29 pm »

Posted with the understanding that this is not a supported plugin.

MiniCMS uses third party software, FCKeditor to operate. A version (2.3?) is included with the plugin.

FCKeditor has been updated since this plugin was packaged with version 2.3. It is now at revision 2.6.5 (stable).
Some of the releases have been security related.

     *****

I have tried the plugin  with the latest stable release of FCKeditor. It seems to work well, but I do not have enough experience with it to issue a final judgment.

1) Backup the plugin on your server - plugins/minicms/
2) Download, unzip and upload FCKeditor package to plugins/minicms/fckeditor - DO NOT upload the _sample folder
3) Upload file plugins/minicms/fckeditor/style.xml from your backup to plugins/minicms/fckeditor/ on your server

    *****
References - Links

FCKeditor 2.6.5, released on 21 September 2009
http://ckeditor.com/download

Bugtraq Listings - FCKeditor
« Last Edit: October 28, 2009, 07:03:30 pm by i-imagine »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: MiniCMS - Security Concerns
« Reply #1 on: October 29, 2009, 08:59:05 am »

Could you come up with a revised package of the MiniCMS plugin that contains the editor component in the most recent version? Thanks in advance.
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1545
  • aka 'i-imagine'
    • Home Page
Re: MiniCMS - Security Concerns
« Reply #2 on: October 29, 2009, 01:46:41 pm »

Revised package completed. New revision is 1.81

Changes

- Update to FCKeditor 2.6.5
- Noted + marked in CHANGELOG and file headers - rev. 1.81
(note: existing package had varied rev. numbers in files)

Comment - It's a very useful, well written plugin!

Zip file is too large for attachment in this forum.
I have created a temporary link to the file.

[edit - link removed]
Download from here: (http://)  gallery.josephcarver.com/natural/cpg1.4.x_plugin_minicms_1.81.zip[/edit]

Please reply when you have successfully downloaded a copy (so the link can be removed) - thanks
« Last Edit: October 31, 2009, 12:53:40 pm by i-imagine »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: MiniCMS - Security Concerns
« Reply #3 on: October 31, 2009, 11:59:50 am »

Thanks. I have attached the file to my posting.
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1545
  • aka 'i-imagine'
    • Home Page
Re: MiniCMS - Security Concerns
« Reply #4 on: October 31, 2009, 12:56:09 pm »

You are welcome.

I hope that the "experienced enthusiasts" of this plugin will see no degradation in performance.
Pages: [1]   Go Up
 

Page created in 0.025 seconds with 20 queries.