concrete5 5.6.3.2 and 5.7 Released

concrete5 5.6.3.2 was released yesterday. The new version include minor improvements and bug fixes. The new version also fixes three security issues:  a full path disclosure vulnerability, a cross-site scripting (XSS) vulnerability, and database sanitation improvements.

concrete5 5.7 was released last Friday and 5.7.0.1 was released yesterday. This new version is a major overhaul of the software and you can not upgrade, instead a migration is required. It will also require that themes and add-ons have new versions created. More details of the changes made are available in the release notes. The developers currently recommend using it only if you are starting on a new project, as 5.7.1 will be the first 5.7.x version ready for general use. Support for 5.6.x will continue with “for security and critical bugs for at least a year”.

More information is available in the release notes for 5.6.3.2, 5.7, and 5.7.0.1.

Posted in concrete5, Security Update | Leave a comment

Moodle 2.5.8, 2.6.5, and 2.7.2 Released

Moodle 2.5.8, 2.6.5, and 2.7.2 were released today. All of the releases include security fixes and 2.6.5 and 2.7.2 also include bug fixes. Details of the security vulnerabilities fixed will be released later.

Update (September 15, 2014): Moodle has now released information on the security issues fixed in the releases. All three versions fix a minor vulnerability that exposes the name of the last person to post in a Q&A forum. Moodle 2.6.5 and 2.7.2 fix a vulnerability that “could potentially allow unauthorised access and privilege escalation” when using   Central Authentication Service (CAS). This vulnerability was not fixed in 2.5.8 and CAS users “are encouraged to upgrade to a more recent release”.

More information is available in the release notes for 2.5.82.6.5, and 2.7.2.

 

Posted in Moodle, Security Update | Leave a comment

Piwik 2.6.0 and 2.6.1 Released

Piwik 2.6.0 and 2.6.1 were released today. Piwik 2.6.0 includes bug fixes and minor improvements. Piwiki 2.6.1 fixed an error introduced in 2.6.0.

More information is available in the changelog for 2.6.0.

 

Posted in Piwik | Leave a comment

WordPress 4.0 Released

WordPress 4.0 was released today. The new version includes an improved visual editor, improved content embedding, much improved interface for accessing the WordPress.org plugin directory, and more.

More information is available in the release notice and Codex document.

 

Posted in WordPress | Leave a comment

MediaWiki 1.22.10 and 1.23.3 Released

MediaWiki 1.22.10 and 1.23.3 were released yesterday. The new versions fix a number of bugs.

More information is available in the release announcement for 1.22.10 and 1.23.3.

 

Posted in MediaWiki | Leave a comment

Piwik 2.5.0 Released

Piwiki 2.5.0 was released last Friday. The new version includes numerous minor improvements and bug fixes.

More information is available in the changelog.

 

Posted in Piwik | Leave a comment

WordPress 3.9.2 Released

WordPress 3.9.2 was released today. The new version fixes several security vulnerabilities, including a potential code execution vulnerability, and includes additional security hardening.

For those still running WordPress 3.7 or 3.8 new versions, 3.7.4 and 3.8.4 respectively, have been released that contain the same fixes.

More information is available in the release notice and Codex document.

Posted in Security Update, WordPress | Leave a comment

Drupal 6.33 and 7.31 Released

Drupal 6.33 and 7.31 were released today. The new versions fixes a denial of service (DOS) security vulnerability in Drupal’s XML-RPC endpoint.

More information is available in the release notes for 6.33 and 7.31.

Posted in Drupal, Security Update | Leave a comment

PrestaShop 1.6.0.9 Released

PrestaShop 1.6.0.9 was released today. The new version includes numerous bug fixes.

More information is available in the changelog.

Posted in PrestaShop | Leave a comment

MediaWiki 1.19.18,1.22.9, and 1.23.2 Released

MediaWiki 1.19.18, 1.22.9, and 1.23.2 were released yesterday. The new versions include several security fixes. Version 1.22.8 and 1.23.2 also include bug fixes.

More information is available in the release announcement for 1.19.18, 1.22.9, and 1.23.2.

Posted in MediaWiki, Security Update | Leave a comment