[pmwiki-users] PmWiki 2.2.3 released
Petko Yotov
5ko at 5ko.fr
Wed Jul 15 18:53:24 CDT 2009
Hello. I have released pmwiki-2.2.3 stable today, available at :
http://www.pmwiki.org/pub/pmwiki/pmwiki-2.2.3.tgz
http://www.pmwiki.org/pub/pmwiki/pmwiki-2.2.3.zip
svn://www.pmwiki.org/pmwiki/tags/latest
This release fixes six potential XSS vulnerabilities, reported by Michael
Engelke. The vulnerabilities may affect wikis open for editing and may allow
the injection of external JavaScripts in their pages. Public open wikis
should upgrade.
A new variable $EnableUploadGroupAuth was added; if set to 1, it allows
password-protected uploads to be checked against the Group password. This
variable works with $EnableDirectDownload set to 0.
It is now possible to use @_site_edit, @_site_read, @_site_admin or
@_site_upload global passwords in GroupAttributes pages.
A number of other bugs were fixed, and the documentation was updated.
Thanks,
Petko
More information about the pmwiki-users
mailing list