Coming soon: CMSMS 1.11.7

Project Announcements. This is read-only, as in... not for problems/bugs/feature request.
Post Reply
calguy1000
Support Guru
Support Guru
Posts: 8169
Joined: Tue Oct 19, 2004 6:44 pm
Location: Fernie British Columbia, Canada

Coming soon: CMSMS 1.11.7

Post by calguy1000 »

Over the weekend we received a report of a few important security vulnerabilities in CMSMS 1.11.6 (and all previous versions). We have reproduced them, and applied fixes to the CMSMS core. Therefore, as we like to be proactive with security issues in the core, there will be a 1.11.7 release coming soon.

Though the changes we made were relatively simple, We are going to do some testing to try to ensure that we haven't broken any core functionality with these changes before we release.

We would like to thank the people at "LEAKFREE IT Security" for reporting these issues to us.

In addition, there has been a change to CMSMS with respect to handling of time zone issues. We have spent a considerable amount of time researching and experimenting and have found a solution to allow you to enter date and time values (for example for News articles) in a timezone that is not necessarily that of the server.

The new config option 'set_db_timezone' which will be OFF by default for 1.11.x will allow you to specify the timezone that should be used for entering and displaying dates and times. i.e: if your server is in California USA, but you are building a website for a club in the netherlands, you could set your 'timezone' to a 'Netherlands/Amsterdam' (I think that's the correct one). and enable 'set_db_timezone' in the config.php. This would allow you to enter dates and times for News articles or Calendar events relative to Amsterdam and have their display work properly.

We hope to have this release out some time this week, but are waiting on some testing by other members of the dev team, and to get the necessary amount of 'thumbs up' before we release.

Stay tuned, and thanks you for your time.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Post Reply

Return to “Announcements”