Software Update: Tiki 1.9.8.1

Tiki is a web-based Groupware and content management system and uses an environment with PHP, ADOdb and smarty. The program is also known under the catchy name TikiWiki. The developers have released a new version in the Sirius series with 1.9.8.1 as the version number. Among other things, this fixes a security flaw in the tiki-graph_formula.php component as the announcement below informs us:

A security flaw have been found in one file, you should consider upgrading immediately, get the new 1.9.8.1 version on Sourceforge. It is important that you upgrade, as there have been known incidents due to this vulnerability.

Version 1.9.8.1 – security release:

  • tiki-graph_formula.php: [FIX] Potential security injection
  • tiki-login.php: [FIX] quickfix for double-slash in URL problem after logging in (SSL used, some servers/configs). Things are much neater in 1.10 and it should not need fix there.
  • tiki-view_tracker.php: [FIX]tracker: monitoring tracker in another language tw1370
  • lib/graph-engine/: core.php, graph.bar.php: Adding support for hooks during data display.
  • lib/polls/polllib_shared.php: [FIX] when poll is removed, link of poll to object should also be removed
  • lib/Galaxia/src/ProcessManager/ActivityManager.php: [FIX] Activity manager fixed so it now shows activities for new workflow installations.
  • lib/Galaxia/src/ProcessManager/ProcessManager.php: [FIX] Galaxia now cleanly and correctly deletes processes (pear db call was not provided argument); resolves several issues.
  • lib/graph-engine/: core.php, gd.php, graph.bar.php, pdflib.php, ps.php: Adding image map generation in GD based graphics

 

Version number 1.9.8.1
Release status Final
Website TikiWiki
Download
file size 8.19MB
License type GPL