Piwigo 2.1.3 Release Notes

Downloads Piwigo 2.1.3
changes between 2.1.x and 2.1.3
Released on September 14th, 2010 (2010-09-14)
Focus security bug fix, bug fixes, new languages
md5sum e96ff90f2ddd7238178bb82b95e4fa39

Note: the list of major changes is described on Piwigo 2.1.0 release notes. This page only describes what changes between release 2.1.2 and release 2.1.3.

Security

This release contains two major security bug fixes: an SQL injection and a Cross-site request forgery vulnerability. It is highly recommended to upgrade your Piwigo 2.1.x. Thank you to Loïc Castel for help provided.

By the way, let's remind the best way to notify Piwigo team about security failures: private contact form.

Languages

  • 0001772: [language] Add Farsi (فارسی) language, thanks to mohammadN
  • 0001771: [language] Add Latvian (Latviešu) language, thanks to Aivars Baldone

Bugs Fixed

  • 0001851: [notification] duplicate images in RSS feed (or notification by email)
  • 0001785: [configuration] hard coded number of related tags
  • 0001757: [photo management] ability to use HTML in author field
  • 0001784: [photo management] make photo name compatible with ExtendedDescription
  • 0001778: [notification] Thumbnails missing on email notification
  • PostgreSQL/SQlite related bugs

    PostgreSQL and SQLite are still in experimental state. Nicolas keeps fixing bugs and MySQL only code he may find. Please beta-testers keep reporting issues you may encounter when using PostgreSQL/SQLite as database backend.

    • 0001766: [database] [PostgreSQL] unkown database function UNIX_TIMESTAMP()
    • 0001763: [database] [PostgreSQL] double quote used in queries
    • 0001762: [database] Compleet RSS Feed returns notice
    • 0001755: [database] Needs single quotes in queries official plugins
    • 0001754: [database] The keyword AS is mandatory for alias in POstgreSQL queries

    Upgrade

    Recommended method: follow the automatic upgrade procedure.

    If you're running Piwigo 2.1.0, 2.1.1 or 2.1.2, you can also download the 2.1.x_to_2.1.3.zip archive that contains all new and modified files. Once you have extracted the files, transfer them onto your web server with a FTP client (like FileZilla) over your Piwigo 2.1.x installation. No database upgrade is required.

    If you are running a version older than 2.1.0 and do not want to use the automatic upgrade, then follow the manual upgrade.

github twitter facebook google+ newsletter Donate Piwigo.org © 2002-2017 · Contact