Timthumb update for older PivotX installs.

If you are still running PivotX 2.2.6, you might be vulnerable to a security exploit that was patched previously. Version 2.3.0 doesn't have this issue, but any older version of PivotX might be vulnerable. To fix this, you should do one of the following:

  • Either update your old installs to PivotX 2.3.0
  • or just replace the faulty timthumb.php. Download timthumb_2011-10-14.zip, extract it, and replace the file timthumb.php in pivotx/includes/

We're close to releasing PivotX 2.3.2, so if you're planning to wait for that release, just replace your existing timthumb.php with the version linked above. 
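
If you have several old installs on one server, the file replacement described above can be scripted. The following is an added example, not part of the original post or of PivotX; the function name, its three arguments and the backup directory layout are assumptions of the example.

```shell
#!/bin/sh
# Added example, not PivotX code.
# Usage: replace_timthumb WEBROOT NEW BACKUPDIR
#   WEBROOT   directory tree that holds one or more PivotX installs
#   NEW       timthumb.php extracted from timthumb_2011-10-14.zip
#   BACKUPDIR directory outside WEBROOT that receives the old copies
# Prints the number of files that were replaced.

replace_timthumb() {
    webroot=$1
    new=$2
    backup=$3
    [ -f "$new" ] || { echo "patched file not found: $new" >&2; return 2; }
    mkdir -p "$backup" || return 2
    list=$(mktemp) || return 2
    replaced=0

    # Only touch the copy PivotX ships, in pivotx/includes/.
    find "$webroot" -type f -path '*/pivotx/includes/timthumb.php' > "$list"

    while IFS= read -r old; do
        # Already identical to the patched copy: nothing to do.
        if cmp -s "$old" "$new"; then
            continue
        fi
        # Keep the old file outside the web root and without a .php
        # extension, so it can no longer be requested over HTTP.
        name=$(printf '%s' "$old" | tr '/' '_')
        cp -p "$old" "$backup/$name.old" || { rm -f "$list"; return 1; }
        # Overwrite the contents in place; owner and mode stay as they were.
        cat "$new" > "$old" || { rm -f "$list"; return 1; }
        replaced=$((replaced + 1))
    done < "$list"

    rm -f "$list"
    echo "$replaced"
}
```

Running it a second time should print 0, which confirms that every install under the web root now carries the replacement file.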

For more information about security issues / patches, see the page dedicated to Security issues.

Posted by Bob den Otter, Friday 14 October 2011

four comments

What does version 2.3.2 contain? And what happened with version 2.3.1?

Willem (URL) - 15-10-’11 06:19

PivotX 2.3.2 will contain mostly smaller fixes and updates. Version 2.3.1 is available, but was never originally released, so when we do release it officially, we’re going to bump the version to 2.3.2 to avoid confusion.

Bob - 19-10-’11 03:25

Didn’t notice the 2.3.1 release. Just downloaded it, because I had installed version 2.3.0 for some website and I couldn’t save the administration page (remembered this issue from earlier).

Is there something to say about PivotX 3? The thought that it is already in development makes me very curious.

Willem (URL) - 25-10-’11 02:50

Willem, we’re still thinking about the direction it will go. Hopefully we’ll finalize the choices to make, and we’ll post an announcement on how it’s going to be. Just a little more patience. :-)

Bob - 01-11-’11 05:17

For support questions please visit the PivotX forum.