Please disregard the 'View article...' shown at the bottom of many posts as this is the result of restoring old forum posts from a backup.

v2.4.1patch1 released to fix several issues including a security vulnerability and email failure

edited March 2017 in Announcements

This patch fixes several issues in the v2.4.1 release especially mailing failures and a security vulnerability in the elFinder file manager.. We strongly encourage all Exponent installations be upgraded to v2.4.1 with this patch as soon as practical! Patch #1 to v2.4.1 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.4.1-patch-1.zip/download

v241patch1 adds no features to v241:

v241patch1 fixes these issues in v241:

  • fix fatal crash when sending emails
  • Unrestricted File Deletion / Upload Vulnerability in elFinder, reported by mm

v241patch1 updates these 3rd party libraries in v241:

  • update tinymce to v4.5.2
  • update ckeditor to v4.6.2
  • update elFinder to v2.1.20
  • update mediaelement.js to v2.23.5

Comments

Sign In or Register to comment.