Create account



CodeIgniter.com Twitter      


  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Thread Modes
CodeIgniter 2.2.6 Released

Offline jlp
Member
***
Posts: 184
Threads: 87
Joined: Sep 2014
Reputation: 60
#1
10-31-2015, 02:09 PM
CodeIgniter 2.2.6 has been released today, and is a security release for the 2.x branch.
  • Fixed an XSS attack vector in Security Library method xss_clean().
  • Changed Config Library method base_url() to fallback to ``$_SERVER['SERVER_ADDR']`` in order to avoid Host header injections.
  • Changed CAPTCHA Helper to try to use the operating system's PRNG first.
Since most have moved on to the development version of 3.0 from the GitHub repo, these fixes only affect sites powered by the legacy version.We felt that sites who were still running 2.x and potentially impacted by the vulnerability warranted an update so the release available for that version line is secure.

You can download v2.2.6 now, and we encourage you to read the full changelog.

This is the last planned update for CodeIgniter 2, which has reached end-of-life.
James Parry
Project Lead
Find
Reply

Offline regis92
Junior Member
**
Posts: 7
Threads: 2
Joined: Apr 2015
Reputation: 0
#2
11-02-2015, 12:40 PM
Hello,

Did you plan to update the page http://www.codeigniter.com/user_guide/in...ading.html with :
. Upgrading from 2.2.5 to 2.2.6
. Upgrading from 2.2.4 to 2.2.5
. Upgrading from 2.2.3 to 2.2.4

...?

Thanks,
Régis
Find
Reply

Offline ciadmin
Administrator
*******
Posts: 622
Threads: 14
Joined: Jan 2014
Reputation: 35
#3
11-02-2015, 12:59 PM
See http://www.codeigniter.com/userguide2/in...ading.html
The upgrading page you reference is from the user guide for version 3 Undecided
Website Find
Reply

Offline regis92
Junior Member
**
Posts: 7
Threads: 2
Joined: Apr 2015
Reputation: 0
#4
11-02-2015, 01:11 PM
Oups... thanks a lot !
Find
Reply

Offline iAmcR
Junior Member
**
Posts: 1
Threads: 0
Joined: Nov 2015
Reputation: 0
#5
11-13-2015, 11:03 PM
(10-31-2015, 02:09 PM)jlp Wrote: CodeIgniter 2.2.6 has been released today, and is a security release for the 2.x branch.
  • Fixed an XSS attack vector in Security Library method xss_clean().
  • Changed Config Library method base_url() to fallback to ``$_SERVER['SERVER_ADDR']`` in order to avoid Host header injections.
  • Changed CAPTCHA Helper to try to use the operating system's PRNG first.
Since most have moved on to the development version of 3.0 from the GitHub repo, these fixes only affect sites powered by the legacy version.We felt that sites who were still running 2.x and potentially impacted by the vulnerability warranted an update so the release available for that version line is secure.

You can download v2.2.6 now, and we encourage you to read the full changelog.

This is the last planned update for CodeIgniter 2, which has reached end-of-life.

Thank you all for the great work on CodeIgniter 2. It's been a very great framework! I'm sure this will continue on to version 3.
Find
Reply

Offline AmarInfotech
Junior Member
**
Posts: 6
Threads: 0
Joined: Aug 2016
Reputation: 0
#6
08-24-2016, 11:29 PM
Appreciate This.
I sure that this helps to improve the usability of this PHP framework.
AmarInfotech is a PHP Development Company that offers a variety of frameworks like Zend, CakePHP, CodeIgniter to the global clients.
Website Find
Reply

Offline ilejesthe
Junior Member
**
Posts: 2
Threads: 0
Joined: Aug 2016
Reputation: 0
#7
08-31-2016, 05:00 AM
Many thanks also benefited
o24
Website Find
Reply

Offline Narf
Me
*******
Posts: 1,366
Threads: 0
Joined: Oct 2014
Reputation: 100
#8
08-31-2016, 09:47 AM
(08-31-2016, 05:00 AM)ilejesthe Wrote: Many thanks also benefited

It's a little late for that, you should be using 3.x already.
Find
Reply

Offline Mehdi001
Junior Member
**
Posts: 1
Threads: 0
Joined: Dec 2015
Reputation: 0
#9
Thumbs Up  10-24-2016, 03:50 PM
Thanks
Find
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.