Security & maintenance updates : new versions SPIP 3.2.2, 3.1.9 and 3.0.28

To start this new year 2019, we release maintenance versions of SPIP which also fix some security flaws.

The Safety Screen does NOT cover those flaws, so it is strongly recommended that you upgrade your websites.

Those new versions bring fixes to the bugs that were identified those last months :

  • 6 issues for version 3.1
  • 34 issues for version 3.2

Among others :

  • patched several XSS flaws and, a critical one letting writing authors accessing local documents. We warmly thank Guillaume Fahrner for his reports.
  • now supporting TLSv1.2 connections.
  • improved PHP 7.2 compatibility
  • optimized javascript compressor, which now respects already minified external librairies & bug fix on CSSTidy
  • repaired ’restore a version’ function
  • updated SafeHTML librairie to support HTML5
  • updated getID librairie to version 1.9.16
  • added a _COUPER_SUITE constant to define proper caesura characters
  • re-designed log-in screens
  • images filters: JPGs are now progressive by default
  • new translations for Dutch & Japanese languages
  • ...

Download SPIP

Full announcement & details

updated on 19 January 2019

Discussion

Aucune discussion

Comment on this article

Who are you?
  • [Log in]

To show your avatar with your message, register it first on gravatar.com (free et painless) and don’t forget to indicate your Email addresse here.

Enter your comment here

This form accepts SPIP shortcuts {{bold}} {italic} -*list [text->url] <quote> <code> and HTML code <q> <del> <ins>. To create paragraphs, just leave empty lines.

Add a document

Follow the comments: RSS 2.0 | Atom