User avatar
Mathias
KUNBUS
Topic Author
Posts: 130
Joined: 29 Nov 2016, 10:46

Security Update

05 Mar 2018, 18:05

Some of our users found security vulnerabilities in the PHP code of PiCtory and RevPi Core Status. Now we are releasing an update to fix these problems in the Jessie Image.
The installation is as usual:
sudo apt update
sudo apt install pictory
The packages piserial and revpi-webstatus are updated automatically.
 
User avatar
volker
Posts: 1047
Joined: 09 Nov 2016, 15:41

Re: Security Update

08 Mar 2018, 17:43

Sorry but we need to inform about a second update for eliminating further security issues with PiCtory.
As some of our users do expose their system's web server (against our advice) unprotected to public or semi-public networks we need to make sure that all known issues are eliminated.

The installation is as usual:

sudo apt update
sudo apt install pictory
Unser RevPi Motto: Don't just claim it - make it!
 
User avatar
Mathias
KUNBUS
Topic Author
Posts: 130
Joined: 29 Nov 2016, 10:46

Re: Security Update

12 Mar 2018, 14:05

We have to postpone an update:
In the last version there were problems with the Modbus Master and Slave modules. Additional underscores __ have been added to the names of the serial driver (e. g. /dev/ttyUSB0) or to the IP address. The new version 1.3.4 doesn't do this anymore. However, you have to load the project after the update, remove the underscores, save the project as a start project and do aDriver Reset via the menu.
In the Config and Services pages it was not possible to save changes, this is now possible again.

Who is online

Users browsing this forum: No registered users and 6 guests