Welcome to Geeklog Sunday, February 26 2017 @ 12:26 am EST

Geeklog 2.1.1 BETA 1

  • Contributed by:
  • Views: 4,148
Announcements

The first beta version of Geeklog 2.1.1 is now available for download.

New features in this version include:

  • [Security] Log parameters for 404 errors & make filtering in 404.log work like in error.log
  • [Security] Removed the code used for File Manager demos and tests shipped with WideImage to prevent an XSS
  • [Security] Updated File Manager to version 2.2.0 (fixed security issue with file upload check)
  • [Security] Configuration string input sanitizing overhauled
  • [Update] CKEditor to version 4.5.4
  • [Update] jQuery to version 1.11.3 and jQuery UI to version 1.11.4. jQuery Timepicker Addon updated
  • [Update] OAuth class to version 1.141
  • [Feature] Integrated the UIkit framework version 2.23.0 into Geeklog
  • [Feature] Denim theme now uses UIKit
  • [Feature] Plugins can now include default templates and css files along with ones for different themes
  • [Feature] Schema.org article, author, and Breadcrumb markup added to Denim and Modern Curve themes
  • [Feature] Allow xmlSiteMap Plugin to Ping Search Engines when new content is added
  • [Feature] For XMLSitemap Plugin added dedicated API
  • [Bug] Added email check to Com_mail to prevent plugins from sending email to users who don't have an address (Oauth users)
  • [Bug] Cached Articles Sometimes do not Display on website
  • [Bug] Current LDAP module doesn't work properly
  • new Simple_LDAP Authentication provided
  • [Bug] Duplicate Blocks
  • [Bug] Remove hardcoded checks for TLD in domain names

... as well as a lot of other improvements and bug fixes. The complete list can be found in the history.txt file located in the release.

We would also like to put a request out there for translators. If you speak and write another language besides English or Japanese and would like to contribute to Geeklog please join the geeklog-translations mailing list. Translating Geeklog isn't complicated. Instructions can be found on the Geeklog Wiki or simply ask on the translation list.

We would like to encourage you to download this beta version, try it out, and give us your feedback. This is a beta version and it may still contain bugs. If you find any please report them in our Bug Tracker. Depending on what issues are found the development team hopes to have the final release of Geeklog 2.1.1 out by the end of November, 2015.

Geeklog.net also has been updated and is now running Geeklog 2.1.1 Beta 1.

File Manager Vulnerability

  • Contributed by:
  • Views: 6,321
Security

An XSS vulnerability has been found by Mohammad Sikkandar Sha in the demo code for WideImage which is used in the File Manager shipped with Geeklog 2.1.0. The File Manager itself has access control and is not affected by the vulnerability.

To fix this, please remove the two following directories as soon as possible:

  • public_html/filemanager/connectors/php/inc/vendor/wideimage/demo
  • public_html/filemanager/connectors/php/inc/vendor/wideimage/test

Thank you

Geeklog Demo Site Update

  • Contributed by:
  • Views: 7,449
Announcements

As of today (November 17th, 2014), the Geeklog Demo Sites will be moved to a new hosting provider. This change will take up to a day to complete. During this move, the old Geeklog Demo version 1.8.2 will be depreciated and no longer be available. The current demo of Geeklog 2.1.0 can be found at http://demo.geeklog.net.

The demo site has all the core plugins installed plus the forum plugin. A number of Geeklog themes are installed along with the Theme Switcher plugin which makes it easier to check out the more popular themes available for Geeklog. Remember, the demo site is reset on an hourly basis with the default settings. This means any changes made to the site will be lost in an hour or less.

If you have any questions, please comment on this article or, post your thoughts in the General Geeklog Discussion forum.

Thanks

Michael (Ironmax)
Geeklog Demo Administrator