concrete5 5.7.5.9 Released

concrete5 5.7.5.9 was released yesterday. The new version includes small feature improvements and bug fixes. The new version also “fixes minor security vulnerability with pagination parameters”.

More information is available in the release notes.

Posted in concrete5, Security Update | Leave a comment

TYPO3 6.2.26, 7.6.10 and 8.2.1 Released

TYPO3 6.2.26, 7.6.10, and 8.2.1 were released today. The new versions contain bug fixes and “critical security fixes”, including fixes for cross-site scripting (XSS), SQL injection, and unsafe unserialize vulnerabilities.

More information is available in the release notes for 6.2.267.6.10, and 8.2.1.

Posted in Security Update, TYPO3 | Leave a comment

Drupal 8.1.7 Released

Drupal 8.1.7 was released today. The new version includes a fix for a vulnerability in the third-party library Guzzle included and used in Drupal 8.

More information is available in the release notes.

Posted in Drupal, Security Update | Leave a comment

Drupal 8.1.6 Released

Drupal 8.1.6 was released on Monday. The new version fixes an issue that occurred when upgrading to 8.1.4 or 8.1.5 “without first emptying the /core and /vendor folders” that could cause to “a fatal error due to code that should have been removed being executed”.

Drupal 8.1.5 was “identical to Drupal 8.1.4, except that Drupal 8.1.4 incorrectly reports it’s own version as 8.1.4-dev”.

More information is available in the release notes.

Posted in Drupal | Leave a comment

Joomla 3.6.0 Released

Joomla 3.6.0 was released today. The new version includes UX improvements, improvements to the update process, and per menu access controls.

More information is available in the release announcement.

Posted in Joomla | Leave a comment

Moodle 2.7.15, 2.9.7, 3.0.5, and 3.1.1 Released

Moodle 2.7.15, 2.9.7, 3.0.5, and 3.1.1 were released today. All of the new versions include security fixes. Details of the security vulnerabilities fixed will be released in a week. Versions 3.0.5 and 3.1.1 also include “small improvements” and bug fixes.

Update (July 19, 2016): Moodle has now released information on the security issue fixed in the releases. The vulnerabilities fixed include a vulnerability that allowed users to send emails to arbitrary email addresses through Moodle.

More information is available in the release notes for 2.7.152.9.73.0.5, and 3.1.1.

Posted in Moodle, Security Update | Leave a comment

Drupal 7.50 Released

Drupal 7.50 was released today. The leap from 7.44 to 7.50 is due to more significant changes between minor versions than usually occurs. Among the changes is support for full UTF-8 (emojis, Asian symbols, mathematical symbols) when using a MySQL database and improved support for PHP versions, including PHP 7. The new version also fixes numerous bugs. While the new version doesn’t include “security fixes” it does include security improvements, including a new permission for administering fields and clickjacking protection is now on by default.

More information is available in the blog post and release notes for the new version.

Posted in Drupal, Security Update | Leave a comment

Drupal 8.1.4 Released

Drupal 8.1.4 was released today. The new version includes “bug fixes, along with documentation and testing improvements”.

More information is available in the release notes.

Posted in Drupal | Leave a comment

TYPO3 8.2.0 Released

TYPO3 8.2.0 was released today. The new version includes expanded use of the new database abstraction layer and “additional security measurements that are available with PHP7 have been integrated”.

More information is available in the release announcement.

Posted in TYPO3 | Leave a comment

MediaWiki 1.27.0 Released, Support Ends For MediaWiki 1.25.x

MediaWiki 1.27.0 was released yesterday. The new version includes a lot of new minor features and bug fixes.

The new version requires at least version 5.5.9 of PHP.

More information is available in the release announcement.

Support ended for MediaWiki 1.25.x with the release 1.27.0. Anyone still running 1.25.x should upgrade to a newer version.

Posted in End of Support, MediaWiki | Leave a comment