Fork me on GitHub
Current releases are 2.1.1 (2 Aug 2014) and 2.0.18.13 (5 Aug 2014)
Ready for 2.1? Find out if your favorite plugins are compatible.
The 2.0 branch will no longer receive updates after Dec 2014.

Vanilla 2.0.18.4 Released

ToddTodd Chief Product Officer Vanilla Staff
edited March 2012 in Releases
This discussion is related to the Vanilla addon.

This release fixes a security hole in Vanilla that can leave your forum open to XSS attacks. There are also a couple of other minor fixes included with this release. We strongly recommend updating to this version of Vanilla.

Changelog:

  • 2012-03-26 Partially fix #1330 by checking the format field on models.
  • 2011-09-28 Fixed canonical url in /categories/*.
  • 2012-03-16 Fixed canonical url bug when looking at a category.

If you are running Vanilla 2.0.18+ and want the files to fix the security hole you can do the following:

  1. Download Vanilla 2.0.18.4
  2. Replace the following files on your site:
    • applications/dashboard/locale/en-CA/definitions.php
    • library/core/class.validation.php
    • library/core/functions.validation.php
Doudou
«1

Comments

«1
Sign In or Register to comment.