Patch #3 Released for V2.3.8

Friday, June 3, 2016 Tags: patch, release, bugs

This patch fixes two security vulnerabilities, plus several issues in the v2.3.8, v2.3.8 Patch #2, and v2.3.8 Patch #1 releases. It also provides several tweaks and new features. In particular this release adds small device support to the elFinder file manager. Patch #3 to v2.3.8 is found at

v238patch3 adds these features to v238, v238patch1 and v238patch2:
- add remove empty tags upgrade script
- elFinder adds small device/display support
- adds error catching to text module inline edit view if user is logged out at server (and live edit view still visible)
- update database manager to use a much enhanced table search filter

v238patch3 fixes these issues in v238, v238patch1 and v238patch2:
- fix security issue with database manager: Security Advisory XS3C-2016-05-20 reported by Julian Held
- fix security issue with pixidou editor: Security Advisory XS3C-2016-05-19 reported by Julian Held
- regression fix (238p2) visual cue (border) when hovering over editable text in ONLY text module inline edit view
- regression fix (238p2) module configuration settings view broken on non-bs3 themes due to attached files view selection code problem
- regression fix navigation manage by sitemap standalone pages link was invalid
- fix some issues with eaas; regression fix 'aboutus' request would always fail, adds quick module item count to 'aboutus' request, removes some unnecessary clauses from aggregate modules sql statement
- fix expTheme::runAction() to not spit out a 403 error for the 'current page' if issued an ajax request/action (kills some ajax requestors)

v238patch3 updates these 3rd party libraries in v238, v238patch1 and v238patch2:
- elFinder to v2.1.12
- owl carousel to v2.1.5