PivotX 2.3.9 released.
We've released a new maintenance update for PivotX. Since this release fixes a security-issue, it is a recommended upgrade for all PivotX 2.x websites. For former security related issues and patches, see the page dedicated to Security issues.
These are the changes since PivotX 2.3.8:
Security issues:
- A file upload vulnerability and various XSS issues on the admin pages. Mitigated by the fact that an attacker must have an PivotX account. All issues require that the attacker has a PivotX account/user, so for sites with multiple users, you will want these patched.
Other bug fixes:
- For flatfile databases:
- Adding excerpts to the output from getLatestPages so page excerpts are displayed on the dashboard.
- 'read_entries' should not change the current entry (since read_entries is used for other things than creating subweblogs).
- Bug fix in session cookie domain - any subdomain named "wwwX" (where X is any character) resulted in an invalid domain for the cookie.
- Set UTF-8 for debug window (and also give it a title).
The PivotX 2.3.9 release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer.tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.
share
Thanks!
L.S.
My provider “Yourhosting” updated their servers last night, march 20 2014 to php 5.4 and mysql-database version to 5.5.
Now my PIVOT-site misses the database, could you please advise me what to do?
friendly regards,
Jan
Yes, upgrade your PivotX. Your site is running a very old version and the issue you are having is already fixed.
Hi. I just started blogging with PivotX. And wow, great to see that new releases are still popping up frequently. What a feature rich but at the same time easy to use blogging platform. I am already loving it and looks very promising.
Many thanks for all the hard work,
Janus Liou