• twitter image
  • facebook image
  • youtube image
  • linkedin image
Language: CMS Made Simple Czech CMS Made Simple France CMS Made Simple Spain CMS Made Simple Hungary CMS Made Simple Russia CMS Made Simple Netherlands

All times are UTC




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Coming soon: CMSMS 1.11.7
PostPosted: Tue May 21, 2013 6:45 pm 
Offline
Dev Team Member
Dev Team Member
User avatar

Joined: Tue Oct 19, 2004 6:44 pm
Posts: 7113
Location: Fernie British Columbia, Canada
Over the weekend we received a report of a few important security vulnerabilities in CMSMS 1.11.6 (and all previous versions). We have reproduced them, and applied fixes to the CMSMS core. Therefore, as we like to be proactive with security issues in the core, there will be a 1.11.7 release coming soon.

Though the changes we made were relatively simple, We are going to do some testing to try to ensure that we haven't broken any core functionality with these changes before we release.

We would like to thank the people at "LEAKFREE IT Security" for reporting these issues to us.

In addition, there has been a change to CMSMS with respect to handling of time zone issues. We have spent a considerable amount of time researching and experimenting and have found a solution to allow you to enter date and time values (for example for News articles) in a timezone that is not necessarily that of the server.

The new config option 'set_db_timezone' which will be OFF by default for 1.11.x will allow you to specify the timezone that should be used for entering and displaying dates and times. i.e: if your server is in California USA, but you are building a website for a club in the netherlands, you could set your 'timezone' to a 'Netherlands/Amsterdam' (I think that's the correct one). and enable 'set_db_timezone' in the config.php. This would allow you to enter dates and times for News articles or Calendar events relative to Amsterdam and have their display work properly.

We hope to have this release out some time this week, but are waiting on some testing by other members of the dev team, and to get the necessary amount of 'thumbs up' before we release.

Stay tuned, and thanks you for your time.

_________________
Follow me on twitter
--
if you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
----------------
Don't make me angry..... you won't like me when I'm angry....


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC


Who is online

Users browsing this forum: No registered users


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
A2 Hosting