Kloxo 6.1.10 Released (Include a Critical Security fix!)

Added by Danny Terweij over 2 years ago

Dear reader,

If you are wondering why there were no Kloxo 6.1.8 and 6.1.9 releases, these were prematurely made available for update but withdrawn shortly after for further testing. A few servers may have updated automaticaly to these releases and we had to increment the version number to make sure these could update to the final version.

Kloxo 6.1.10 also includes a critical security fix that was reported by "Xarion" (fixed by Angel Guzman Maeso) and so we highly recommend you update. Due to a non-implemented function, running "/script/fixvpop" would reset "lxpopuser" mysql password to a default instead of random password. This security issue affects all versions prior to 6.1.10 (including LxAdmin) and may expose e-mail addresses if you have run this script before.

See the list of 6.1.10 Changes: http://project.lxcenter.org/projects/kloxo/versions/28
See the list of 6.1.9 Changes: http://project.lxcenter.org/projects/kloxo/versions/18
See the list of 6.1.8 Changes: http://project.lxcenter.org/projects/kloxo/versions/17

Please note that updating to Kloxo 6.1.10 may be longer than usual while it updates third-party scripts such as phpMyAdmin.

A side note: CentOS 4 is ending its life at 29 feb 2012 and we will remove its packages from our repository.
Quote from CentOS:

All users currently using CentOS-4 are advised to begin planning the
upgrade to CentOS-5 (EOL Date: March 31, 2014) or CentOS-6 (EOL Date:
November 30, 2017)

We would like to thank everyone involved in the Beta program and LxCenter Partners who made this release possible.

Kind Regards,
LxCenter Team


Comments