Greetings to the community!
Version 3.6.10 of eFront, build 12151, is now available. This is an important maintenance release that includes several security and functional updates. All eFront users are strongly encouraged to update to this revision.
This version also introduces the security module, which runs self-checks on the system and lists posts from our security blog. New installations will have it activated automatically. If you are upgrading, we recommend activating the module from the "Modules" list.
Changelog follows:
=== Version 3.6.10 build 12151 ===
- Added a "visible" option for custom user profile fields
- Added ability to import users with subtypes via CSV import
- Added "security module"
- Replaced decimal point and thousand separator with locale equivalents
- Security update: Fixed editor's "save template" not validating its input parameter (Reported by EgiX)
- Security update: Fixed unsafe file upload using capitalized extensions (Reported by EgiX)
- Security update: Fixed potential XSS attacks using unsafe GET parameters (Reported by Canberk Bolat of Mavituna Security and High-Tech Bridge SA Security Research Lab)
- Security update: Fixed possible SQL injection attacks in multiple files (Reported by EgiX, Vulnerability Research Laboratory and High-Tech Bridge SA Security Research Lab)
- Security update: Fixed potential privilege escalation using cookies (Reported by EgiX)
- Security update: Fixed cookie information leaking via XSS (Reported by Semyon Perepelitsa)
- Security update: Fixed arbitrary file download issue (Reported by EgiX)
- Fixed "branchinfo" and "groupinfo" fields not appearing in user profile fields (Enterprise/Educational editions)
- Fixed content tree management ordering issue
- Fixed issue on the "assign users to branches" page when a filter was used (#1819)
- Fixed clearDuplicates for questions when copying questions from another lesson (#1812)
- Fixed background color issue in drag-and-drop questions with Chrome (#1831)
- Fixed improper handling of the file blacklist during file upload
- Fixed tracking initialization for feedbacks
- Fixed feedback preview
- Fixed lesson timelines not listing events
- Fixed pagination and subforum issue on the forum page
- Fixed getSystemLogo function and an issue with site logo loading
- Fixed issue in the reports generator about enrollment to lesson/course/group
- Fixed rounding error when submitting PayPal price with a coupon
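Two of the entries above (unsafe upload of capitalized extensions and the blacklist handling during upload) concern the same class of bug: a case-sensitive extension blacklist. The snippet below is an added illustration, not eFront code (eFront is PHP; Python is used here only so the check can be run stand-alone), and the blocked-extension list is a constructed sample. It shows the naive check beside a hardened one that normalises case, ignores directory components and trailing dots, and rejects a blocked extension in any dotted segment.

```python
import posixpath

# Constructed sample blocklist (not eFront's actual list).
BLOCKED_EXTENSIONS = {"php", "phtml", "php3", "php5", "phar", "htaccess"}


def extension_blocked_naive(filename: str) -> bool:
    """Case-sensitive check of only the last extension.

    This is the weak form: 'upload.PHP' or 'upload.Php' slips through
    because the comparison is exact, even though the web server treats
    the extension case-insensitively.
    """
    ext = filename.rsplit(".", 1)[-1] if "." in filename else ""
    return ext in BLOCKED_EXTENSIONS


def extension_blocked(filename: str) -> bool:
    """Hardened check.

    - Strips directory components (both slash styles) so the decision is
      made on the basename that will actually be written.
    - Removes surrounding whitespace and trailing dots, which some
      filesystems silently drop.
    - Lower-cases the name before comparing.
    - Rejects if ANY segment after the first dot is blocked, so
      'x.php.txt' (multi-extension handling) and '.htaccess' are caught.
    """
    base = posixpath.basename(filename.replace("\\", "/"))
    base = base.strip().rstrip(".").lower()
    segments = base.split(".")
    return any(seg in BLOCKED_EXTENSIONS for seg in segments[1:])
```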
