Forum - GuppY 6 [anglais] - GuppY 6.00.14 release - Security update
GuppY: GuppY 6.00.14 package, cumulative and non-cumulative patches - Security update.
This pack is the 126th version of GuppY
We propose patch 6.00.14 with additions, improvements and the correction of an XSS vulnerability.
Beware, all versions of GuppY are concerned, without exception, by this flaw.
You MUST install this 6.00.14 patch IMMEDIATELY to ensure the security of your site.
Prerequisites: PHP 7.3 minimum
CORRECTIONS / MODIFICATIONS :
- Tarteaucitron v1.13.1 updated to fix an XSS vulnerability
- RGPD display fix
- Correction of RGPD date control
- Improved cookie display
- Setcookies updated to 365 days
Attention : To upgrade from version 6.00.13 to 6.00.14, you must use the gy-non-cumulative-60014.zip patch, following this procedure:
• download the patch and install in admin with the Installer function of GuppY.
After the installation you have to go to admin/config look and proceed in this order:
• click on "Save config" to update your skin to Config look, the style.css will be generated automatically,
• then validate each configuration page, then several refreshments can be necessary be necessary to have a correct display.
Please note that you must delete the cookies, then reconnect and validate the RGPD declaration again.
Thanks to linuxmr and Papinou for making this patch.
The GuppY Team