ilias-admins

ilias-admins@lists.ilias.de

2 participants
259 discussions

Start a nNew thread

ILIAS 5.0.22 published

by Anton Arsenij

8 years, 6 months

Drop PHP 5 Support

by Richard Klees

Dear ILIAS admins, the Jour Fixe of the ILIAS Society discussed the question how to proceed with the supported PHP versions on the last meeting [1]. To finally take the decision on the next meeting on 22.05 we need your feedback on the issue: Is there anyone who is in severe trouble if we would drop the support for PHP 5 completely with the subsequent release of ILIAS (i.e. ILIAS 5.4)? Do you see any problems if ILIAS 5.4, that will be released somewhere around end of 2018, only supports PHP > 7? Please use the wiki page [1] to voice your opinion. If we do not get any feedback we will decide to drop support for PHP 5 completely with the subsequent ILIAS release. [1] http://www.ilias.de/docu/goto_docu_wiki_wpage_4770_1357.html [2] http://php.net/releases/7_1_0.php Best regards! -- Richard Klees on behalf of the Technical Board of the ILIAS Society and also Lead Developer Qualifizierungsmanagement --------------------------------------------- CaT Concepts and Training GmbH Vorgebirgstraße 338 50969 Köln Fon: +49 (0)221 / 46 75 76 - 56 Fax: +49 (0)221 / 46 75 76 - 09 Mail: richard.klees(a)concepts-and-training.de Web: http://www.concepts-and-training.de --------------------------------------------- Geschäftsführung: Sven Kapust, Gerald Konrad, Alexandra Oehlke, Sandra Röbbelen, Volker Röbbelen, Denis Witt Amtsgericht Köln HRB 57804 Ust-ID-Nr.: DE 814694228 Sitz: Köln ---------------------------------------------

8 years, 6 months

ILIAS 5.2.4 published

by Anton Arsenij

8 years, 6 months

Recommended Version of ImageMagick

by Michael Jansen

Dear list members, we decided to change the (minimum) recommended version of 'ImageMagick' to 6.8.9-9 (http://www.ilias.de/docu/goto_docu_pg_75024_367.html#imagemagick). We noticed some issues with older versions which resulted in artifacts when drawing geometric figures (e.g., see: http://www.ilias.de/mantis/view.php?id=19064). Best regards, Michael Jansen on behalf of the ILIAS e.V. and the Technical Board

8 years, 6 months

ILIAS Security Issue: SVG Files Uploaded as Media Objects

by Michael Jansen

Dear list members, again a media object related security issue has been identified and fixed for ILIAS versions >= 5.0. A big "Thank you" goes to researcher Julian Rittweger for reporting this issue. It was possible to upload SVG files as media objects (e.g. in wiki pages) which could be used to inject and execute JavaScript (persistent XSS). With the latest fix of the responsible code maintainer, SVG files will be sanitized when uploaded to ILIAS. We advise strongly to update your ILIAS installation to the latest version. Best regards, Michael Jansen on behalf of the ILIAS e.V. and the Technical Board

8 years, 7 months

ILIAS 5.1.17 published

by Anton Arsenij

8 years, 7 months

ILIAS 5.0.21 published

by Anton Arsenij

8 years, 7 months

ILIAS 5.2.3 published

by Anton Arsenij

8 years, 7 months

ILIAS Security Issues: Self Registration and Course/File Import

by Michael Jansen

Dear list members, several security issues have been identified (thanks to Nicolas Schäfli [studer + raimann ag] and Johannes [KIT]) and fixed for ILIAS version 5.0, 5.1 and 5.2. The first weakness was located in the code validation part of the self registration. The second type of vulnerability affected the XML import of course and file objects. It was possible to copy arbitrary files into the media object directory (course import), and to copy a source file to an arbitrary location on the file system (file import). We advise strongly to update your ILIAS installation to the latest version. For more detailed explanations don't hesitate to contact us. Best regards, Michael Jansen on behalf of the ILIAS e.V. and the Technical Board

8 years, 8 months

ILIAS 5.1.16 published

by Anton Arsenij

8 years, 8 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

ilias-admins