[hippo-community] Announcement: Hippo CMS maintenance releases 10.2.1, 10.1.3, 7.9.12 & 7.8.13
40 views
Skip to first unread message
Junaidh Sheriff
May 27, 2016, 7:48:31 AM5/27/16
to hippo-c...@googlegroups.com
Dear
All,
We have released the following Hippo
CMS maintenance versions for general
use:
Apart from the usual improvements
and bug fixes, these releases include a fix for a CSRF
security vulnerability in the CMS application.
When accessing the CMS over https and using an SSL offloading proxy you now need to make sure to have set the 'X-Forwarded-Proto' header to 'https'.
More detailed instructions are provided on the CSRF security vulnerability page.
When accessing the CMS over https and using an SSL offloading proxy you now need to make sure to have set the 'X-Forwarded-Proto' header to 'https'.
More detailed instructions are provided on the CSRF security vulnerability page.
As usual we encourage projects to
upgrade to latest available maintenance version,
as minor upgrades (requires login) are
straightforward.
The following new Upgrade Verifiers (requires login) also are available, for Hippo Enterprise Customers and Partners:
The following new Upgrade Verifiers (requires login) also are available, for Hippo Enterprise Customers and Partners:
- 10.1.3 to 10.2.1
- 7.9.12 to 10.2.1
- 7.9.12 to 10.1.3
- 7.8.13 to 7.9.12
Regards,
Junaid K
Reply all
Reply to author
Forward
0 new messages