You are viewing the PKP Support Forum | PKP Home Wiki

OJS 2.3.6 Released

Are you an Editor, Author, or Journal Manager in need of help? Want to talk to us about workflow issues? This is your forum.

Moderators: jmacgreg, michael, vgabler, John

Forum rules
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca

This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.

OJS 2.3.6 Released

Postby asmecher » Thu Jun 30, 2011 2:11 pm

The PKP Development Team announces the release of OJS 2.3.6.

OJS 2.3.6 was released to address a security vulnerability affecting all versions of OJS between 2.2.1 and 2.3.5 (inclusive). The vulnerability affects file uploads to the "public" directory. See the issues marked "Critical" at http://pkp.sfu.ca/wiki/index.php/OJS_2.3.5_Recommended_Patches for full details. We recommend that users running affected versions of OJS either patch their installations with the patches available at the link above or upgrade to the newest release as soon as possible. There have been reports of abuse of this vulnerability and we suggest that users check server logs to review access to the "public" directory, looking for requests to server-side executables such as PHP scripts within that directory.

OJS 2.3.6 also includes a number of minor bug fixes and modifications, also described at the above link.

PKP takes security very seriously and has established a solid track record, both for good coding practices and for rapid responses to the few issues that have arisen. The best way to stay informed about security issues is to subscribe to the recommended patches page for your release of OJS.

For full release notes, please see http://pkp.sfu.ca/ojs/RELEASE-2.3.6. OJS 2.3.6 can be downloaded at http://pkp.sfu.ca/ojs_download.
Posts: 10015
Joined: Wed Aug 10, 2005 12:56 pm

Return to OJS Editorial Support and Discussion

Who is online

Users browsing this forum: No registered users and 1 guest