Posts: 6,266
Threads: 181
Joined: Sep 2011
http://get-simple.info/download
- FIX: #974 files does not show permissions on windows
- FIX: #973 image.php dir traversal SECURITY
- FIX: #972 log.php xss SECURITY
- FIX: #971 prevent backend in frames x-frame policy SECURITY
- FIX: #970 better cookie security SECURITY
- FIX: #969 backup-edit traversal SECURITY
- FIX: #966 Security vulns SECURITY
- FIX: #965 corrupt page fatal error
- FIX: #948 Fatal Error => zip-Backup
- FIX: #945 placeholder confusion
- FIX: #944 XML External Entity (XXE) Vulnerability in admin/api.php SECURITY
- FIX: #979 some debug info when uploading image
- FIX: #996 Reverse Proxy : url detection
Posts: 321
Threads: 15
Joined: Feb 2012
Great! I am just testing it
My website made with GetSimple CMS is
Arte & Società
www.artesocieta.eu
An indipendent website about Italian Contemporary Visual Arts
Posts: 1,129
Threads: 137
Joined: Feb 2012
Really good to know that GS stays secure.
Posts: 6,266
Threads: 181
Joined: Sep 2011
These are all fairly minor btw, they are targeted attacks against authenticated users.
Posts: 14
Threads: 1
Joined: Sep 2014
I'm getting a version check error after upgrading. The api url is working fine though (
http://get-simple.info/api/start/v3.php)
Posts: 6,266
Threads: 181
Joined: Sep 2011
what version did you upgrade from?
Did you flush cache and try again?
Did you check again after 12 minutes?
older versions of GS cached this forever, if your checks ever failed you would never know you just kept seeing the cache file forever, you just did not know it was failing, now you do.
Posts: 149
Threads: 8
Joined: Dec 2011
Hi Shawn,
Can you make sure the Stable version with CKEditor patched to v4.3.2 also gets updated to 3.3.5? That version is currently still on 3.3.4.
Thanks man!
Posts: 6,266
Threads: 181
Joined: Sep 2011
done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7
Posts: 149
Threads: 8
Joined: Dec 2011
(2015-02-16, 00:53:07)shawn_a Wrote: done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7
Thanks man! I assume the new cke editor will definitely be integrated in GS v3.4?
Installing the Stable version with CKEditor patched for is a good stop-gap measure for IE11 users in the meantime but it would be good to have this fully IE compatible-version also be included in the Latest Stable Version.
Posts: 6,266
Threads: 181
Joined: Sep 2011
I think I will release 3.3.6 with it, and offer a backport to 3.3 if it breaks anyones plugins.
Posts: 11
Threads: 0
Joined: Jan 2014
Updated, and everything looks good.
Had a moment of slight panic when the page content editor disappeared. Just had to clear the browser cache...
Posts: 6,266
Threads: 181
Joined: Sep 2011
Yeah not sure why it does that, I might have to add version strings to the urls