Software update: Tiki 1.8.5

Spread the love

Tiki is a web-based Groupware and Content Management System and uses an environment with PHPADOdb and smarty† The program is also known by the catchy name TikiWiki which is sure to make many chuckle. Recently, the developers released a new version with 1.8.5 as the version number. Anyone using an earlier version is strongly advised to upgrade due to a number of security vulnerabilities. The full changelog looks like this:

Tiki admins are strongly urged to upgrade to this version due to vulnerabilities in versions prior to 1.8.5 that can lead to unauthorized remote control. A new security admin panel can help you to identify old or hacked scripts.

Security:

  • Header redirections now die; afterwards to prevent other code being executed.
  • More Path Disclosure fixes.
  • Remove the old password from being displayed on the tiki-change_password routine.
  • Tiki security admin, a control panel to check internal tiki security settings.
  • Added .htaccess files to most directories to disallow direct access.
  • Remove file from temp after upload.
  • More secure map uploads.

Improvements:

  • Latest ADODB for MySQL 4.1 support.
  • Speed ​​improvements on Wiki pages while caching external links is enabled.
  • Easier user interface for maps.

Bug Fixes:

  • Wiki renaming fixes and enhancements
    New : moves custom permissions and user watches.
    Fixed : Email notifications and theme control objects.
  • WikiSyntax : Definition list “eats” character.
  • Version in the diff of a wiki page changed notification to the previous message not the current”.
  • forum post notification with the right url.
  • month view on year change.
  • Galaxia: run_activity urls finally fixed.
  • Maps: various bugs fixed related to object deletion.

[break]The following three downloads are ready:
Source Bz2
Source Gzipped
Source Zipped

Version number 1.8.5
Website TikiWiki
Download
License type GPL
You might also like