diff options
Diffstat (limited to 'docs/_posts/2016-05-03-v1.8.2.md')
| -rw-r--r-- | docs/_posts/2016-05-03-v1.8.2.md | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/docs/_posts/2016-05-03-v1.8.2.md b/docs/_posts/2016-05-03-v1.8.2.md new file mode 100644 index 000000000..009cb856a --- /dev/null +++ b/docs/_posts/2016-05-03-v1.8.2.md @@ -0,0 +1,30 @@ +--- +layout: post +title: Version 1.8.2 +author: matthew +--- + +<div class="r" align="right"> +<a data-flickr-embed="true" href="https://www.flickr.com/photos/m0php/4001836593/" title="Security barrier"><img src="https://farm3.staticflickr.com/2553/4001836593_492263c6cd.jpg" width="500" height="332" alt="Security barrier"></a><script async src="//embedr.flickr.com/assets/client-code.js" charset="utf-8"></script> +</div> + +We’ve released **version 1.8.2** of FixMyStreet, along with versions 1.7.1 and 1.6.2. + +These releases include an important security fix, whereby a malicious user +could craft an image upload to the server that allowed them to run external +commands as the user running the site. Please update your installation as soon +as possible. + +Version 1.8.2 also contains other improvements and additions to existing +features: + +* Twitter social login, alongside the existing Facebook login; +* PNG and GIF image upload support; +* Some development improvements, including the final merging of `base` and +`fixmystreet` templates, storing any Open311 error in the database, and tidying +up some unused cobrands; +* A few bug fixes, such as showing the right body user form value for fixed +reports (thanks Jon Kristensen). + +See the full list of changes +[over on GitHub](https://github.com/mysociety/fixmystreet/releases). |