We have just released new versions of our products:
- WoltLab Suite 5.3.4
- WoltLab Suite 5.2.12
- WoltLab Suite 3.1.20
- WoltLab Suite 3.0.26
Stability releases (also known as "minor releases") aim to solve existing problems in the current version. Like every stability release, they do not introduce new features; It is strongly recommended to apply these updates.
We have identified an issue that permits administrators to merge user accounts that they should not be able to edit. It is not possible to gain any permissions this way, but since this is a potentially destructive action, we do classify this as a security problem. Administrators are strongly encouraged to install the latest updates as soon as possible.
All WoltLab Cloud customers have already been patched to address this issue.
Applying System Updates
Open your Administration Control Panel and navigate to Configuration > Packages > List Packages. Please click on the button Search for Updates located in the right corner above the package list.
The list below includes only significant changes, minor fixes or typos are generally left out.
WoltLab Suite Core
- (SECURITY) Validate that the user can edit all user accounts that are about to be merged. 5.3 5.2 3.1 3.0
- Resolved an issue that prevented the removal of column indices when using the PHP database API. 5.3 5.2
- Included a workaround for the Guzzle HTTP library to circumvent a protocol error when using a HTTP proxy server. 5.3
kilde: Please login to see this link.