Hi Ray - I've looked at the changes and I don't understand what all the fuss is
about and why this is ranked as a security update.
All it does is add some more groups to the list of groups that are disabled in
core settings -> system -> other for theĀ "Prohibited User Groups for dynamic
User Group assignment using "dgr" URL param". It also makes the user group OXID
visible in the user group admin, so if you create a new group you can manually
add it to this list.
Have you any idea what this dgr stuff is all about ?
Chris
________________________________
From: Haller Stahlwaren GmbH - Raimund Lang <[email protected]>
To: "[email protected]" <[email protected]>
Sent: Thursday, July 31, 2014 12:18 PM
Subject: [oxid-dev-general] OXID eShop Patch 5.1.7 / 5.0.13 + 4.8.7 / 4.7.13
published
On tuesday we published patch releases for both the legacy and the maintenance
branch: OXID eShop Enterprise Edition 5.1.7 / 5.0.13 and Professional Edition
4.8.7 / 4.7.13 contain (amongst others) a bugfix which addresses one security
issue. Partners and NDA contractors were already informed about the details
earlier this month. The security bulletin for the issues will be made public ~
August, 12th. Therefore we strongly recommend to include this patch into your
environments as soon as possible.
_______________________________________________
dev-general mailing list
[email protected]
http://dir.gmane.org/gmane.comp.php.oxid.general
_______________________________________________
dev-general mailing list
[email protected]
http://dir.gmane.org/gmane.comp.php.oxid.general
