Revolution 2.2.11 was released today. It includes two security fixes including one affecting the phpThumb library that ships with Revo. In addition, it eliminates a bug that appeared in Google Chrome 32 and adds an alert notifying users to confirm navigation to prevent losing unsaved changes.
As this release contains security fixes, we recommend upgrading all your sites. If you're using MODX Cloud, this just takes a couple clicks.
2.3 is coming and we'll have an update on what we've been up to, soon.
Here are the highlights of changes in the 2.2.11 release:
- Update phpThumb to 1.7.11-beta to close security vulnerability
- Prevent XSS on actionVar in header.tpl in the Manager
- Eliminate unwanted "confirm navigation" alerts in Chrome 32+
- Added intentional "confirm navigation" to prevent loss of unsaved changes
- Fix caching of manager menus. Until now, they may not have been ever cached
- For more details, read the complete changelog
Here's what you need to get started or upgrade to MODX Revolution 2.2.11:
- Download Revolution 2.2.11
- What's required to run Revolution 2.2
- How to install MODX Revolution
- How to upgrade MODX Revolution
- Read the MODX Revolution Documentation
We highly recommend keeping your software up-to-date. If you need help upgrading your site, please contact your website builder or contact a MODX Professional.
MODX is only as good as it is because of many individual community members and users that take the time to report issues and request new features. Make sure you read the documentation, post feedback and share your successes in the MODX community forums.
On behalf of the entire MODX Team,