News items tagged with "patch"
NOTE: DO NOT INSTALL THIS PATCH ON A SERVER RUNNING PHP v5.5.x!!! Your web site will no longer run! PHP versions older than v5.6 are very obsolete and we will not support them in the next version release. The next version may also remove support for PHP v5.6 and v7.0 since they will have been considered obsolete by the start of 2019.
This patch addresses several issues for Bootstrap 4 and elFinder. All Exponent CMS users running at least PHP version 5.6 are encouraged to move their installations to v2.4.3 and to install this patch!! Patch #1 to v2.4.3 is found at https://sourceforge.net/projects/exponentcms/files/exponent-2.4.3-patch-1.zip/download (read more)
This patch fixes several issues in the v2.3.9 release. It also provides several tweaks and new features including a 'fill screen' feature for the elFinder file manager, though the main focus is providing several security fixes. Patch #1 to v2.3.9 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.3.9-patch-1.zip/download (read more)
Though they are both extremely old versions, they were the release before a major version change and are/may still be in use. Please bear in mind we strongly recommend your installations be updated to a much newer version which contains many more fixes and new features. Having said that, these patches (v2.1.4patch9 and v2.2.3patch12) fix a security vulnerability reported by Balisong which might allow uploaded scripts to be executed. (read more)
There is a security vulnerability in Exponent 2.x found on August 26, 2016 reported by Balisong which could allow uploaded scripts to be executed. It has been present in all versions of Exponent (2.x). The fix is: (read more)