BurstOpen » News

Coppermine 1.4.14

Chris — Tue, 06 Nov 2007 23:46:50 +0000

The coppermine gallery team have released a security update to version 1.4.14. This is a fix for (another) new XSS vulnerability – immediate update highly recommended.

Coppermine downloads page

WordPress 2.3.1

Chris — Fri, 02 Nov 2007 21:42:32 +0000

Following on from the new version 2.3 is a bug-fix release with some security implications. Although these seem to be fairly minor (eg. possible XSS vulnerability with register_globals on) if you’ve moved to 2.3 then you should now upgrade to 2.3.1.

There are no updates for the last version in the 2.2 branch (2.2.3) so if that’s what you’re on it’s probably safe to stay there for a while longer (but plan to update to 2.3.x soon):

WordPress download page

Vanilla 1.1.4

Chris — Tue, 23 Oct 2007 05:28:27 +0000

There is a serious vulnerability in Vanilla 1.1.3 and below, allowing remote SQL injection. A security update has been released – upgrading requires just replacing the affected files, as listed on the Vanilla upgrade page.

With exploit code already published this is an urgent mandatory update – don’t delay!

Download Vanilla forum

WordPress 2.3

Chris — Thu, 27 Sep 2007 12:23:25 +0000

Version 2.3 is a significant scheduled release with many new features. Although many bugs have been ironed out through several recent release candidates it’s likely that with all the new code there will be some problems still to find.

At the time of writing I don’t know of any security issues in the previous version 2.2.3 so the more cautious may prefer to keep this for a week or two… For those who prefer the latest and greatest:

WordPress download page

(Naturally, BurstOpen is now running on WordPress 2.3!)

SMF 1.1.4

Chris — Tue, 25 Sep 2007 21:48:05 +0000

Simple Machines have released an update to the SMF forum – version 1.1.4. An update for the 1.0 branch (1.0.12) has also been released.

This is a bug-fix release and a required update. Users of version 1.1.x can update through the SMF admin center.

Vanilla 1.1.3

Chris — Mon, 24 Sep 2007 11:06:29 +0000

Lussumo has released a new version of the minimal forum application Vanilla with bug-fixes including at least one security fix (XSS vulnerability). This is a required update.

Download Vanilla forum

Coppermine 1.4.13

Chris — Sun, 16 Sep 2007 11:00:35 +0000

The coppermine gallery team have released a security update to version 1.4.13. This is a fix for a new XSS vulnerability and a mandatory update.

Coppermine downloads page

WordPress 2.2.3

Chris — Mon, 10 Sep 2007 11:30:57 +0000

This is a bugfix and security release including some high-priority fixes. Required update.

WordPress download page

WordPress 2.2.2

Chris — Tue, 07 Aug 2007 11:23:05 +0000

This is a bugfix + security release and a required update.

WordPress download page

Opening only the top docking box

Chris — Wed, 01 Aug 2007 08:27:06 +0000

This site makes extensive use of the clever Docking boxes (dbx) by Brothercake. Among the many setup options is the choice of default state – open or closed boxes – on the visitor’s first visit to a page. But I wanted something a bit different – the top box open and all others closed. The simplest way to achieve this is a tiny hack to the dbx.js file. Note that this file is compressed to reduce loading time (comments and whitespace removed), so edit with care, as follows:

Open the file with your favourite text editor and find “else if(!this.defopen”. A few characters further on look for “for(i=0; i