Terug..   naar de blogs.


 

  CodeIgniter 3.1.4 is uitgebracht

Een nieuwe versie van Codeigniter.

Deze werkt probleemloos met de vorige versie van Codeigniter samen.

 

CodeIgniter 3.1.4 is uitgebracht op 20-03-2017, met enkele beveiligings en bug fixes.
Beveiliging: De byte-safety handling in de encryptie code is aangepast, en een header injectie wordt nu voorkomen.
Bug fixes: voor de Database, Input, Loader, Session libraries en voor de Html, Text & standaard functies helpers.
Verbeteringen: Image library.

 

  Gobale aanpassingen.

Meerdere aanpassingen op het gebied van beveiliging en een aantal bug fixen.

 

Security

  • Fixed a header injection vulnerability in common function set_status_header() under Apache (thanks to Guillermo Caminer from Flowgate).
  • Fixed byte-safety issues in Encrypt Library (DEPRECATED) when mbstring.func_overload is enabled.
  • Fixed byte-safety issues in Encryption Library when mbstring.func_overload is enabled.
  • Fixed byte-safety issues in compatibility functions password_hash(), hash_pbkdf2() when mbstring.func_overload is enabled.
  • Updated Encrypt Library (DEPRECATED) to call mcrypt_create_iv() with MCRYPT_DEV_URANDOM.

 

General Changes

  • Updated the Image Manipulation Library to work-around an issue with some JPEGs when using GD.


Bug fixes for 3.1.4

  • Fixed a regression (#4975) - Loader Library couldn’t handle objects passed as view variables.
  • Fixed a bug (#4977) - Loader Library method helper() could accept any character as a filename extension separator.
  • Fixed a regression where the Session Library would fail on a session_regenerate_id(TRUE) call with the ‘database’ driver.
    Fixed a bug (#4987) - Query Builder caching didn’t keep track of table aliases.
  • Fixed a bug where Text Helper function ascii_to_entities() wasn’t byte-safe when mbstring.func_overload is enabled.
    Fixed a bug where CI_Log, CI_Output, CI_Email and CI_Zip didn’t handle strings in a byte-safe manner when mbstring.func_overload is enabled.
  • Fixed a bug where Session Library didn’t read session data in a byte-safe manner when mbstring.func_overload is enabled.
  • Fixed a bug (#4990) - Profiler didn’t close <pre> tags it generated.
  • Fixed a bug (#4990) - Profiler didn’t HTML-escape quotes for $_SESSION variables.
    Fixed a bug where Input Library method set_cookie() didn’t allow its httponly and secure parameters to be overriden to FALSE.
  • Fixed a bug (#5006) - common function get_mimes() didn’t load application/config/mimes.php if an environment specific config exists.
  • Fixed a bug (#5006) - common function remove_invisible_characters() didn’t remove URL-encoded 0x7F.
  • Fixed a bug (#4815) - Database Library stripped URL-encoded sequences while escaping strings with the ‘mssql’ driver.
  • Fixed a bug (#5044) - HTML Helper function img() didn’t accept data: URI schemes for the image source.
  • Fixed a bug (#5050) - Database Library tried to access an undefined property in a number of error handling cases.
  • Fixed a bug (#5057) - Database driver ‘postgre’ didn’t actually apply extra options (such as ‘connect_timeout’) to its DSN.

 

    Hoe te gebruiken?

Kopieer de gehele map /system in de map /system.

Kortom overschrijf alles.

 

   Download link

Klik hier om de scripts te downloaden

 



Tags: codeigniter, core       20-03-2017



Reacties:

 


Uw reactie

Uw naam
Uw e-mail
Uw bericht
  Beveiliging     Neem deze over aub.
   
     

 

Contact:

van Wijhe Web

Frederikastraat 102

7543 CW Enschede

053 - 431 78 76

06 - 511 828 79

Ontvang tips, nieuws en andere interessante feitjes
in je mailbox.

2017 * van Wijhe Web