GetSimple Support Forum

GetSimple Support Forum > GetSimple > Announcements > GetSimpleCMS V3.3.5 released
Full Version: GetSimpleCMS V3.3.5 released
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

shawn_a

2015-02-05, 05:06:20
http://get-simple.info/download

  • FIX: #974 files does not show permissions on windows
  • FIX: #973 image.php dir traversal SECURITY
  • FIX: #972 log.php xss SECURITY
  • FIX: #971 prevent backend in frames x-frame policy SECURITY
  • FIX: #970 better cookie security SECURITY
  • FIX: #969 backup-edit traversal SECURITY
  • FIX: #966 Security vulns SECURITY
  • FIX: #965 corrupt page fatal error
  • FIX: #948 Fatal Error => zip-Backup
  • FIX: #945 placeholder confusion
  • FIX: #944 XML External Entity (XXE) Vulnerability in admin/api.php SECURITY
  • FIX: #979 some debug info when uploading image
  • FIX: #996 Reverse Proxy : url detection

D.O.

2015-02-05, 22:46:21
Great! I am just testing it

Timbow

2015-02-05, 23:02:25
Really good to know that GS stays secure.

shawn_a

2015-02-05, 23:21:40
These are all fairly minor btw, they are targeted attacks against authenticated users.

salvamaine

2015-02-09, 17:57:54
I'm getting a version check error after upgrading. The api url is working fine though (http://get-simple.info/api/start/v3.php)

shawn_a

2015-02-10, 01:11:53
what version did you upgrade from?
Did you flush cache and try again?
Did you check again after 12 minutes?

older versions of GS cached this forever, if your checks ever failed you would never know you just kept seeing the cache file forever, you just did not know it was failing, now you do.

Draxeiro

2015-02-14, 01:39:30
Hi Shawn,

Can you make sure the Stable version with CKEditor patched to v4.3.2 also gets updated to 3.3.5? That version is currently still on 3.3.4.

Thanks man!

shawn_a

2015-02-16, 00:53:07
done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7

Draxeiro

2015-02-17, 17:31:59
(2015-02-16, 00:53:07)shawn_a Wrote: [ -> ]done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7

Thanks man! I assume the new cke editor will definitely be integrated in GS v3.4?

Installing the Stable version with CKEditor patched for is a good stop-gap measure for IE11 users in the meantime but it would be good to have this fully IE compatible-version also be included in the Latest Stable Version.

shawn_a

2015-02-18, 01:14:51
I think I will release 3.3.6 with it, and offer a backport to 3.3 if it breaks anyones plugins.

indyana

2015-02-18, 21:36:07
Updated, and everything looks good.

Had a moment of slight panic when the page content editor disappeared. Just had to clear the browser cache... Smile

shawn_a

2015-02-19, 04:24:33
Yeah not sure why it does that, I might have to add version strings to the urls
GetSimple Support Forum > GetSimple > Announcements > GetSimpleCMS V3.3.5 released