Seagull 0.6.0RC3 Released - Including Urgent Security Fix

May 29, 2006 00:09, contributed by: seagull

RC3 is out! This will be the last release candidate before the stable 0.6.0 release. But first an urgent security notice:

Tobias Schlemmer wrote in earlier last week to report a compromise he'd discovered that allowed registered members of a Seagull installation to increase their privileges to admin user level. His hack was quite creative and I don't think your average member is going to come up with something similar, but I urge all Seagull users to upgrade to the latest RC3 release which includes a fix that plugs the security hole.

If you're running an RC2 release and don't want to do a full upgrade yet, you can apply this patch. If you still need help fixing your install try the irc channel, forum or mailing list.

Back to RC3, there are lots of new features including:

  • Implemented observers for login and registration managers, this makes integrating your Seagull app with other sites quite flexible, see FUD integration for an example and the Single Sign On writeup
  • Oracle data and schema have been updated to work with the latest code (Ben and Marco Patania)
  • URI aliases have been extended to support dynamic parameters (Andrey Podshivalov and Davert)
  • A new theme is in the works, you can check it out by switching to 'classic' (Julien Casanova)
  • Integration with Gallery 2.1 updated (Neil Mather)
  • Browsing history added to the session
  • Integration of Varico's DataGrid component (Krzysztof Kempinski)
  • Added ability to cache core libs, 20 class files compressed into a single 100kb include
  • Rebuild process now updates the DB_DataObject links file (fk relations)
  • A Japanese translation added with 2 encodings (Dozo Yousan)
  • Module generator extended, it now builds functional CRUD forms representing your data structure (Gerald Fischer, AJ Tarachanowicz)
  • Improved integration of organisations and org types
  • Important authentication and authorisation code cleanup

And of course there were many bugfixes which include improvements in Translation2 integration, recognition of more sapi types during install, added missing js files for TinyFCK, and fixes for commandline mode.

What's on the agenda before the final 0.6.0 stable release is ready? Mainly work on improving the current PEAR handling of feature additions, more modules will be factored out of the core install, and features will be installable on demand, including modules, libs, plugins and themes. There are also plans for introduced driver-based authentication, and potentially replacing PEAR::DB with MDB2 as the former is now deprecated.

Thanks for everyone's bugfixes and feedback, keep 'em coming!

[back to list]

comments


be the first to leave a comment
Enter your comment Note: Comments must be approved before being displayed.
  #####   #######  #######   #####  
 #     #  #        #    #   #     # 
       #  #            #    #     # 
  #####   ######      #      #####  
       #        #    #      #     # 
 #     #  #     #    #      #     # 
  #####    #####     #       #####  
 

At a Glance

Sponsors

  • Get programming homework help from professionals at Homework-Desk.com anytime!
  • HomeworkPal.com - homework help with biology, physics, math assignments.
  • Having problems with your assignment? Our homework help site can give you a hand with math, physics, programming and much more!
  • Free Usenet Trial
  • ecommerce website new zealand

Login

Username Password

Not Registered?
Forgot Your Password

*denotes required field

Community

 
Seagull PHP Framework

Sponsored by

The Seagull project is sponsored by Seagull Systems, see the range of products offered.

Readers