Announcing CMS Made Simple v2.2.10 - Spuzzum
Announcing CMS Made Simple v2.2.10 - Spuzzum
Today we are announcing the release of CMS Made Simple v2.2.10 - Spuzzum. This is a security and stability release. We have fixed some relatively important security vulnerabilities, and fixed some long standing issues.
Category: Announcements, Releases, General
Posted: March 6, 2019 by calguy1000
Hi Everybody!
Today we are announcing the release of CMS Made Simple v2.2.10 - Spuzzum. This is a security and stability release. We have fixed some relatively important security vulnerabilities, and fixed some long standing issues.
More specifically:
- An SQL injection vulnerability in the default action was fixed. This is the primary, critical reason for this release.
- The ModuleManager received some bug fixes when installing a module that had numerous dependencies. And a minor object insertion vulnerability.
- A couple of minor authenticated security vulnerabilities were fixed in the core and the FilePicker module. Additionally some minor fixes to the file cache driver, and IP address detection.
The standard review has been performed by members of the dev team to help ensure that no critical issues were introduced into this release.
Because of the resolved security vulnerabilities, Particularly in the News mdoule, it is important that you update your installations to CMSMS 2.2.10 at your earliest convenience.
As of this release, and according to the support policy. The CMSMS Dev team now only supports CMSMS 2.2.9 and CMSMS 2.2.10.
Thank you, and have a nice day.