Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums General News & Discussion CodeIgniter 2.2.6 Released
CodeIgniter 2.2.6 Released
  • Offline jlp
    Senior Member
  • ****
  • Posts: 251
    Threads: 151
    Joined: Sep 2014
    Reputation: 98
#1
10-31-2015, 01:09 PM

CodeIgniter 2.2.6 has been released today, and is a security release for the 2.x branch.
  • Fixed an XSS attack vector in Security Library method xss_clean().
  • Changed Config Library method base_url() to fallback to ``$_SERVER['SERVER_ADDR']`` in order to avoid Host header injections.
  • Changed CAPTCHA Helper to try to use the operating system's PRNG first.
Since most have moved on to the development version of 3.0 from the GitHub repo, these fixes only affect sites powered by the legacy version.We felt that sites who were still running 2.x and potentially impacted by the vulnerability warranted an update so the release available for that version line is secure.

You can download v2.2.6 now, and we encourage you to read the full changelog.

This is the last planned update for CodeIgniter 2, which has reached end-of-life.
James Parry
Project Lead
Reply


Messages In This Thread
CodeIgniter 2.2.6 Released - by jlp - 10-31-2015, 01:09 PM
RE: CodeIgniter 2.2.6 Released - by regis92 - 11-02-2015, 11:40 AM
RE: CodeIgniter 2.2.6 Released - by ciadmin - 11-02-2015, 11:59 AM
RE: CodeIgniter 2.2.6 Released - by regis92 - 11-02-2015, 12:11 PM
RE: CodeIgniter 2.2.6 Released - by iAmcR - 11-13-2015, 10:03 PM
RE: CodeIgniter 2.2.6 Released - by AmarInfotech - 08-24-2016, 10:29 PM
RE: CodeIgniter 2.2.6 Released - by ilejesthe - 08-31-2016, 04:00 AM
RE: CodeIgniter 2.2.6 Released - by Narf - 08-31-2016, 08:47 AM
RE: CodeIgniter 2.2.6 Released - by Mehdi001 - 10-24-2016, 02:50 PM



Theme © iAndrew 2016 - Forum software by © MyBB