View Single Post
  #1  
Old 15-11-12, 03:24 PM
ajdonnison's Avatar
ajdonnison ajdonnison is offline
Administrator
Utter Fanatic
dotProject Version:
php Version:
MySQL Version:
Operating System Version:
Browser:
 
Join Date: 13-04-04
Posts: 2,251
Default dotProject 2.1.7 released

Head on over to https://sourceforge.net/projects/dotproject and download the latest version of dotProject - 2.1.7. This release was primarily prompted by a security advisory https://www.htbridge.com/advisory/HTB23124 that details SQL injection and XSS vulnerabilities. All of these that have been identified have been resolved.

In addition several issues were reported in 2.1.6 and these have also been addressed.

Users of dP prior to 2.1.2 also reported problems in upgrading to the latest version, this was tracked down to a broken upgrade file introduced in 2.1.2, and this has now been resolved.

Due to the nature of the security advisory it is recommended that all users upgrade as soon as possible.
Reply With Quote