Fork me on GitHub
Important security fix: 2.1.10, released 4 May.

Vanilla 2.0.18.4 Released

ToddTodd Chief Product Officer Vanilla Staff
edited March 2012 in Releases
This discussion is related to the Vanilla addon.

This release fixes a security hole in Vanilla that can leave your forum open to XSS attacks. There are also a couple of other minor fixes included with this release. We strongly recommend updating to this version of Vanilla.

Changelog:

  • 2012-03-26 Partially fix #1330 by checking the format field on models.
  • 2011-09-28 Fixed canonical url in /categories/*.
  • 2012-03-16 Fixed canonical url bug when looking at a category.

If you are running Vanilla 2.0.18+ and want the files to fix the security hole you can do the following:

  1. Download Vanilla 2.0.18.4
  2. Replace the following files on your site:

    • applications/dashboard/locale/en-CA/definitions.php
    • library/core/class.validation.php
    • library/core/functions.validation.php
Doudou
«1

Comments

«1
Sign In or Register to comment.