Announcing CMSMS 1.9.4.3 - Important Security Release
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
I installed the diff 1.9.4.2 to 1.9.4.3 but need to know if this package is OK to use as I found out there was an install directory and apparently other files which aren't needed be there.
Is it safe to use the diff in a production environment???
Is it safe to use the diff in a production environment???
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
Just noticed: there is no base install, only an english version. is that the same as "base"?
Cheers,
Alex
Cheers,
Alex
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
The not-news-related files in the cmsmadesimple-english-diff-1.9.4.2-1.9.4.3 are all empty - zero bytes.
Same with cmsmadesimple-english-diff-1.9.4.1-1.9.4.3
Do not install.
cmsmadesimple-full-diff-1.9.4.2-1.9.4.3
contains only the news update(contrary to its changelog.txt, which lists all changes).
It contains four other directories (tmp,lib,uploads, images) which are empty but contain a .htaccess with the size of 1 byte.
Same with cmsmadesimple-full-diff-1.9.4.1-1.9.4.3
I suggest that someone checks those diff files ...
Cheers,
Alex
Same with cmsmadesimple-english-diff-1.9.4.1-1.9.4.3
Do not install.
cmsmadesimple-full-diff-1.9.4.2-1.9.4.3
contains only the news update(contrary to its changelog.txt, which lists all changes).
It contains four other directories (tmp,lib,uploads, images) which are empty but contain a .htaccess with the size of 1 byte.
Same with cmsmadesimple-full-diff-1.9.4.1-1.9.4.3
I suggest that someone checks those diff files ...
Cheers,
Alex
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
Does anyone know if this upgrade issue with TinyMCE has been resolved. I am about to upgrade a site. Kieran
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
You can check that by yourself: Download the tar.gz and open it with a standard packing program like IZarc. Look into the modules/timymce folder. If the .js files are of the size of 0 bytes, don't install.KJHunt wrote:Does anyone know if this upgrade issue with TinyMCE has been resolved. I am about to upgrade a site. Kieran
What I am wondering: this is called an "important security release" and the files have been broken since their release 2 weeks ago. Maybe it is not so important after all ...
hth,
Alex
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
Hi Alex
Thanks for that tip. I have done as you say and can find js files in the following folder: CMS 1-9-4-3\modules\TinyMCE\tinymce\jscripts\tiny_mce.
The files there are:
tiny_mce 178kb
tiny_mce_popup 6kb
So hopefully it will go right for me as I don't have the time for a long fix session.
Thanks again Alex.
Thanks for that tip. I have done as you say and can find js files in the following folder: CMS 1-9-4-3\modules\TinyMCE\tinymce\jscripts\tiny_mce.
The files there are:
tiny_mce 178kb
tiny_mce_popup 6kb
So hopefully it will go right for me as I don't have the time for a long fix session.
Thanks again Alex.
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
Just make sure you have a backup, as alwaysKJHunt wrote:
So hopefully it will go right for me as I don't have the time for a long fix session.
Cheers,
Alex
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
Was wondering if this issue has been sorted yet?
A couple of sites I am curently working on, having upgraded to 1.9.4.3 are in all sorts of strife with TinyMCE. Can't get the new version etc - glad to find I am not the only one. It is a bit of a worry.
A couple of sites I am curently working on, having upgraded to 1.9.4.3 are in all sorts of strife with TinyMCE. Can't get the new version etc - glad to find I am not the only one. It is a bit of a worry.
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
I also find it a bit strange the English diff file contains unnecessary empty files. Are they there to remove the content?
For example there's 13 en_dlg.js empty files in cmsmadesimple-english-diff-1.9.4.2-1.9.4.3.tar.gz but none in cmsmadesimple-1.9.4.3-english.tar.gz. If this is the case, it wouldn't not work in every case, admin/lang/ext/en_CY is a directory on my system but a file in the 1.9.4.3 diff. I'd rather delete files manually if there was a list of files to be removed.
For example there's 13 en_dlg.js empty files in cmsmadesimple-english-diff-1.9.4.2-1.9.4.3.tar.gz but none in cmsmadesimple-1.9.4.3-english.tar.gz. If this is the case, it wouldn't not work in every case, admin/lang/ext/en_CY is a directory on my system but a file in the 1.9.4.3 diff. I'd rather delete files manually if there was a list of files to be removed.
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
cb2004 wrote:The diff files are screwed. Only upload these files:
doc/CHANGELOG.txt
modules/news/action.editarticle.php
modules/news/changelog.inc
modules/news/News.module.php
version.php
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
BTW I fixed all my TinyMCE issues by uninstalling TinyMCE, deleting all TinyMCE module files and uploading the latest version and install.
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
dmdg
When I tried to do that, it told me it (new version) was installed and activated but it was no-where to be seen.
What do you mean you uninstalled TinyMCE and then deleted all TinyMCE module files - would they not have been gone after uninstalling TinyMCE?
When I tried to do that, it told me it (new version) was installed and activated but it was no-where to be seen.
What do you mean you uninstalled TinyMCE and then deleted all TinyMCE module files - would they not have been gone after uninstalling TinyMCE?
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
The un-install button only removes the module information form the database. If you click the "remove" button then the files will be deleted and the module will not be available for installation until a the module is uploaded to the modules directory again.
I first un-installed the TinyMCE module using the Extensions | Modules window. (this removes all the TinyMce info form the database)
Then I DELETED the modules/TinyMCE directory. (after this you should not see the module in the Extensions | Modules window)
Next I uploaded the latest version of TinyMCE 2.9.1 and installed it.
I first un-installed the TinyMCE module using the Extensions | Modules window. (this removes all the TinyMce info form the database)
Then I DELETED the modules/TinyMCE directory. (after this you should not see the module in the Extensions | Modules window)
Next I uploaded the latest version of TinyMCE 2.9.1 and installed it.
jasnick wrote:dmdg
When I tried to do that, it told me it (new version) was installed and activated but it was no-where to be seen.
What do you mean you uninstalled TinyMCE and then deleted all TinyMCE module files - would they not have been gone after uninstalling TinyMCE?
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
I understand what you are saying but when I uninstall TinyMCE I don't get the option to Remove Files which has appeared whenever I have uninstalled a module in the past. It just says 'Install'. Usually it has Remove Files I seem to remember.
I decided to try again on a site in my test directory and uninstalled the old version of TinyMCE. Then I went via cPanel and deleted the TinyMCE folder in modules folder. I think that is what you said. Then I went back to Modules and tried to install the latest version and I got the Checksum error message. Unfortunately as I had deleted the old files, when I went back to re-install the old version, it had gone. So now I don't have any version of it at all on one site!
I would have thought that by upgrading to the latest version of CMSMS, that would automatically include the latest version of TinyMCE but it doesn't.
So now I am really stuck. All the sites I have tried it on are in my test directory luckily. I have upgraded to CMSMS 1.9.4.3 and then tried to upgrade TinyMCE. Should it be the other way around?
I decided to try again on a site in my test directory and uninstalled the old version of TinyMCE. Then I went via cPanel and deleted the TinyMCE folder in modules folder. I think that is what you said. Then I went back to Modules and tried to install the latest version and I got the Checksum error message. Unfortunately as I had deleted the old files, when I went back to re-install the old version, it had gone. So now I don't have any version of it at all on one site!
I would have thought that by upgrading to the latest version of CMSMS, that would automatically include the latest version of TinyMCE but it doesn't.
So now I am really stuck. All the sites I have tried it on are in my test directory luckily. I have upgraded to CMSMS 1.9.4.3 and then tried to upgrade TinyMCE. Should it be the other way around?
Re: Announcing CMSMS 1.9.4.3 - Important Security Release
1) Core modules do not have "Remove" option. The only way to remove a core module is by uninstall, then delete folder.jasnick wrote:I decided to try again on a site in my test directory and uninstalled the old version of TinyMCE. Then I went via cPanel and deleted the TinyMCE folder in modules folder. I think that is what you said. Then I went back to Modules and tried to install the latest version and I got the Checksum error message. Unfortunately as I had deleted the old files, when I went back to re-install the old version, it had gone. So now I don't have any version of it at all on one site!
2) If you tried Module Manager to install Tiny, try to install from Forge xml file instead.
3) There is always the third way to install a module: download the zip file from Forge, extract on your computer, upload module files to your /modules directory, and then navigate to "Modules" and then an "Install" option will appear for Tiny.
I had absolutely no luck trying to fix my website which was broken by this "patch", as I was running out of memory, and getting errors trying to quickly install Tiny. I had to upload modules files manually, then install.