Page 1 of 1

Security Update

Posted: 05 Mar 2018, 18:05
by Mathias
Some of our users found security vulnerabilities in the PHP code of PiCtory and RevPi Core Status. Now we are releasing an update to fix these problems in the Jessie Image.
The installation is as usual:

Code: Select all

sudo apt update
sudo apt install pictory
The packages piserial and revpi-webstatus are updated automatically.

Re: Security Update

Posted: 08 Mar 2018, 17:43
by volker
Sorry but we need to inform about a second update for eliminating further security issues with PiCtory.
As some of our users do expose their system's web server (against our advice) unprotected to public or semi-public networks we need to make sure that all known issues are eliminated.

The installation is as usual:

sudo apt update
sudo apt install pictory

Re: Security Update

Posted: 12 Mar 2018, 14:05
by Mathias
We have to postpone an update:
In the last version there were problems with the Modbus Master and Slave modules. Additional underscores __ have been added to the names of the serial driver (e. g. /dev/ttyUSB0) or to the IP address. The new version 1.3.4 doesn't do this anymore. However, you have to load the project after the update, remove the underscores, save the project as a start project and do aDriver Reset via the menu.
In the Config and Services pages it was not possible to save changes, this is now possible again.