v2.4.1patch1 released to fix several issues including a security vulnerability and email failure

dleffler · January 2017

This patch fixes several issues in the v2.4.1 release especially mailing failures and a security vulnerability in the elFinder file manager.. We strongly encourage all Exponent installations be upgraded to v2.4.1 with this patch as soon as practical! Patch #1 to v2.4.1 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.4.1-patch-1.zip/download

v241patch1 adds no features to v241:

v241patch1 fixes these issues in v241:

fix fatal crash when sending emails
Unrestricted File Deletion / Upload Vulnerability in elFinder, reported by mm

v241patch1 updates these 3rd party libraries in v241:

update tinymce to v4.5.2
update ckeditor to v4.6.2
update elFinder to v2.1.20
update mediaelement.js to v2.23.5

BJKline · January 2017

I'm having trouble getting this to install. I went to Admin -> Super Admin Tools -> Extensions -> Install Extension -> Upload Extension. Then I selected the zip file to upload, checked the box to patch Exponent and clicked the Upload Extension button. Chrome says its 100% uploaded and then I get this.

dleffler · January 2017

Did you check the 'Install as Patch' box before doing this? The 'install as patch' option installs the files into the root folder, leaving it unchecked installs them into the theme as a 'custom' module. My assumption is you've extracted the files into your theme.

BJKline · January 2017

Yes, I checked the 'Install as Patch' box.

BJKline · January 2017

Well I got the patch to install. I used my SSH connection to my server. I navigated into the root web directory, then used wget to download the zip file. Then I used the unzip command to extract it. Finally I logged into the site and was prompted to update the database. I did and now the site shows its updated.

v2.4.1patch1 released to fix several issues including a security vulnerability and email failure

Comments