GetSimple Support Forum
GetSimpleCMS V3.3.5 released - Printable Version

+- GetSimple Support Forum (http://get-simple.info/forums)
+-- Forum: GetSimple (http://get-simple.info/forums/forumdisplay.php?fid=3)
+--- Forum: Announcements (http://get-simple.info/forums/forumdisplay.php?fid=15)
+--- Thread: GetSimpleCMS V3.3.5 released (/showthread.php?tid=7076)

GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-05

http://get-simple.info/download

  • FIX: #974 files does not show permissions on windows
  • FIX: #973 image.php dir traversal SECURITY
  • FIX: #972 log.php xss SECURITY
  • FIX: #971 prevent backend in frames x-frame policy SECURITY
  • FIX: #970 better cookie security SECURITY
  • FIX: #969 backup-edit traversal SECURITY
  • FIX: #966 Security vulns SECURITY
  • FIX: #965 corrupt page fatal error
  • FIX: #948 Fatal Error => zip-Backup
  • FIX: #945 placeholder confusion
  • FIX: #944 XML External Entity (XXE) Vulnerability in admin/api.php SECURITY
  • FIX: #979 some debug info when uploading image
  • FIX: #996 Reverse Proxy : url detection


RE: GetSimpleCMS V3.3.5 released - D.O. - 2015-02-05

Great! I am just testing it

RE: GetSimpleCMS V3.3.5 released - Timbow - 2015-02-05

Really good to know that GS stays secure.

RE: GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-05

These are all fairly minor btw, they are targeted attacks against authenticated users.

RE: GetSimpleCMS V3.3.5 released - salvamaine - 2015-02-09

I'm getting a version check error after upgrading. The api url is working fine though (http://get-simple.info/api/start/v3.php)

RE: GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-10

what version did you upgrade from?
Did you flush cache and try again?
Did you check again after 12 minutes?

older versions of GS cached this forever, if your checks ever failed you would never know you just kept seeing the cache file forever, you just did not know it was failing, now you do.

RE: GetSimpleCMS V3.3.5 released - Draxeiro - 2015-02-14

Hi Shawn,

Can you make sure the Stable version with CKEditor patched to v4.3.2 also gets updated to 3.3.5? That version is currently still on 3.3.4.

Thanks man!

RE: GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-16

done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7

RE: GetSimpleCMS V3.3.5 released - Draxeiro - 2015-02-17

(2015-02-16, 00:53:07)shawn_a Wrote: done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7

Thanks man! I assume the new cke editor will definitely be integrated in GS v3.4?

Installing the Stable version with CKEditor patched for is a good stop-gap measure for IE11 users in the meantime but it would be good to have this fully IE compatible-version also be included in the Latest Stable Version.

RE: GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-18

I think I will release 3.3.6 with it, and offer a backport to 3.3 if it breaks anyones plugins.

RE: GetSimpleCMS V3.3.5 released - indyana - 2015-02-18

Updated, and everything looks good.

Had a moment of slight panic when the page content editor disappeared. Just had to clear the browser cache... Smile

RE: GetSimpleCMS V3.3.5 released - shawn_a - 2015-02-19

Yeah not sure why it does that, I might have to add version strings to the urls