« Paid Posts Step by Step | Main | Mobile Blogging Toolbox (Part One) »

LifeType 1.1.3 Security Release

LifeType
After the full path disclosure vulnerability in 1.0.x and 1.1.x, LifeType Team released version 1.1.3 containing a handful of fixes. LifeType 1.1.3 mainly addresses issues in the registration process and fixes the 'save draft' functionality, which was broken as of LifeType 1.1.2. It is necessary to upgrade for all LifeType installations, as LifeType up to release 1.1.2 contains an issue in the registration process where it is possible to fool the validation code and register user names and blogs with incorrect characters. If you are running a bigger site with free registration, this is an important issue.

this is the full list of issues fixed in LifeType 1.1.3 :

  • 1129: Validation of duplicate custom domains not working.
  • 1131: Searching for resources not working in the summary page
  • 1014: Disabled blogs showing up in the summary
  • 969: Comment sort order
  • 1132: The link to the medium preview is not correct when adding the resource to posts
  • 1122: Slugs should use lower-case letters
  • 1127: Save draft functionality not working
  • 1125: When the bayesian filter is disabled in the administration interface, all features related to it should be disabled too.
  • 1119: It is possible to fool the validation system during the registration process and register invalid usernames and blogs.
  • 1113: Conflicts between blogs when the same user has more than one blog.
  • 1117: Usernames should only use lower-case letters and numbers.

More information and download from http://www.lifetype.net/

Posted by Hatem on December 9, 2006 10:27 AM to Blogonews | | View blog reactions

Bookmark this article at these sites
Post a comment





(Email will remain hidden)





Please enter the security code you see here




Related entries
Email to a friend
Email this article to:


Your email address:


Message (optional):