An update for efront 3.6.10 is now available

News & Announcements directly from the eFront team

An update for efront 3.6.10 is now available

Postby periklis » Wed Oct 26, 2011 10:34 am

Greetings to the community!

An update of version 3.6.10 is now available, eFront 3.6.10 build 12151. This is an important maintenance release, including several security and functional updates. All users of efront are strongly recommended to update to this revision.
This version also introduces the security module, which runs self-checks on the system and lists posts from our security blog. New installation will have this activated automatically. If you are upgrading, you are recommended to activate the module from the "Modules" list.

Changelog follows:
=== Version 3.6.10 build 12151 ===
- Added visible option functionality in custom user profile fields
- Added ability to import users with subtypes via csv imports.
- Added "security module"
- Replaced decimal point and thousand separator with locale equivalents
- Security update: Fixed editor's "save template" not checking validity of inputted parameter (Reported by EgiX)
- Security update: Fixed unsafe file upload using capitalized extensions (Reported by EgiX)
- Security update: Fixed potential XSS attacks using unsafe GET parameters (Reported by Canberk Bolat of Mavituna Security and High-Tech Bridge SA Security Research Lab)
- Security update: Fixed possible sql injection attacks in multiple files (Reported by EgiX, Vulnerability Research Laboratory and High-Tech Bridge SA Security Research Lab)
- Security update: Fixed potential privilege escalation using cookies (Reported by EgiX)
- Security update: Fixed cookie information leaking using XSS (Reported by Semyon Perepelitsa)
- Security update: Fixed arbitrary file download issue (Reported by EgiX)
- Fixed "branchinfo" and "groupinfo" fields not appearing in user profile fields (Enterprise/Educational editions)
- Fixed issue about content tree management order
- Fixed issue about assigning users to branches page when filter was used (#1819)
- Fixed clearDuplicates for questions when copying questions from another lesson (#1812)
- Fixed drag and drop questions about background color issue with Chrome (#1831)
- Fixed improper handling of file black list during file upload
- Fixed tracking initialization about feedbacks
- Fixed feedback preview
- Fixed lesson timelines not listing events
- Fixed issue in forum page about pagination and subforums
- Fixed getSystemLogo function and an issue with site logo loading
- Fixed issue in reports generator about enrolling to lesson/course/group
- Fixed rounding error when submitting paypal price and using coupon
Attachments
css_changes_11944_to_12151.diff
(658 Bytes) Downloaded 572 times
Periklis Venakis
eFront- eLearning and Skill Development Solution for Companies and Educational Institutes
Consider our wide range of added-value services to get things running smoothly on your eLearning environment
periklis
 
Posts: 4372
Joined: Thu Oct 04, 2007 10:54 am

Re: An update for efront 3.6.10 is now available

Postby y.sulistya » Wed Oct 26, 2011 11:49 am

Thank you!
Blessings & Peace,
Yudi Sulistya

---
Database administrator & programmer at Faculty of Psychology • Airlangga University
Programmer at Cyber Campus • Airlangga University
Need personal help? contact me : yudi.sulistya[at]gmail.com
User avatar
y.sulistya
 
Posts: 717
Joined: Mon Apr 13, 2009 12:02 pm
Location: Surabaya, Indonesia

Re: An update for efront 3.6.10 is now available

Postby jazz albert » Thu Oct 27, 2016 11:10 pm

periklis wrote:Greetings to the community!

An update of version 3.6.10 is now available, . This is an important maintenance release, including several security and functional updates. All users of efront are strongly recommended to update to this revision.


Nice sharing!
jazz albert
 
Posts: 2
Joined: Thu Oct 27, 2016 10:54 pm


Return to News and Announcements

Who is online

Users browsing this forum: No registered users and 2 guests