Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
GetSimpleCMS V3.3.5 released
#1
http://get-simple.info/download

  • FIX: #974 files does not show permissions on windows
  • FIX: #973 image.php dir traversal SECURITY
  • FIX: #972 log.php xss SECURITY
  • FIX: #971 prevent backend in frames x-frame policy SECURITY
  • FIX: #970 better cookie security SECURITY
  • FIX: #969 backup-edit traversal SECURITY
  • FIX: #966 Security vulns SECURITY
  • FIX: #965 corrupt page fatal error
  • FIX: #948 Fatal Error => zip-Backup
  • FIX: #945 placeholder confusion
  • FIX: #944 XML External Entity (XXE) Vulnerability in admin/api.php SECURITY
  • FIX: #979 some debug info when uploading image
  • FIX: #996 Reverse Proxy : url detection
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#2
Great! I am just testing it
My website made with GetSimple CMS is

Arte & Società
www.artesocieta.eu

An indipendent website about Italian Contemporary Visual Arts
Reply
#3
Really good to know that GS stays secure.
Reply
#4
These are all fairly minor btw, they are targeted attacks against authenticated users.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#5
I'm getting a version check error after upgrading. The api url is working fine though (http://get-simple.info/api/start/v3.php)
Reply
#6
what version did you upgrade from?
Did you flush cache and try again?
Did you check again after 12 minutes?

older versions of GS cached this forever, if your checks ever failed you would never know you just kept seeing the cache file forever, you just did not know it was failing, now you do.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#7
Hi Shawn,

Can you make sure the Stable version with CKEditor patched to v4.3.2 also gets updated to 3.3.5? That version is currently still on 3.3.4.

Thanks man!
Reply
#8
done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#9
(2015-02-16, 00:53:07)shawn_a Wrote: done, I forgot to move the tag, I will be bumping the cke version in a few days to 4.4.7

Thanks man! I assume the new cke editor will definitely be integrated in GS v3.4?

Installing the Stable version with CKEditor patched for is a good stop-gap measure for IE11 users in the meantime but it would be good to have this fully IE compatible-version also be included in the Latest Stable Version.
Reply
#10
I think I will release 3.3.6 with it, and offer a backport to 3.3 if it breaks anyones plugins.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#11
Updated, and everything looks good.

Had a moment of slight panic when the page content editor disappeared. Just had to clear the browser cache... Smile
Reply
#12
Yeah not sure why it does that, I might have to add version strings to the urls
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply




Users browsing this thread: 2 Guest(s)