blob: 009cb856ab5212800a9db7034bd39c8333c11a8b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
---
layout: post
title: Version 1.8.2
author: matthew
---
<div class="r" align="right">
<a data-flickr-embed="true" href="https://www.flickr.com/photos/m0php/4001836593/" title="Security barrier"><img src="https://farm3.staticflickr.com/2553/4001836593_492263c6cd.jpg" width="500" height="332" alt="Security barrier"></a><script async src="//embedr.flickr.com/assets/client-code.js" charset="utf-8"></script>
</div>
We’ve released **version 1.8.2** of FixMyStreet, along with versions 1.7.1 and 1.6.2.
These releases include an important security fix, whereby a malicious user
could craft an image upload to the server that allowed them to run external
commands as the user running the site. Please update your installation as soon
as possible.
Version 1.8.2 also contains other improvements and additions to existing
features:
* Twitter social login, alongside the existing Facebook login;
* PNG and GIF image upload support;
* Some development improvements, including the final merging of `base` and
`fixmystreet` templates, storing any Open311 error in the database, and tidying
up some unused cobrands;
* A few bug fixes, such as showing the right body user form value for fixed
reports (thanks Jon Kristensen).
See the full list of changes
[over on GitHub](https://github.com/mysociety/fixmystreet/releases).
|
