Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.
Linc · Director of Development · Vanilla Staff
Options are papercuts.
There are a number of addons with important security updates. Please audit your addons against this list: FileUpload 1.9.2 was released today with 4 security patches. This is also its final release. … (View Post)9
Get it here: https://open.vanillaforums.com/addon/vanilla-core This release includes 5 security patches disclosed thru our HackerOne bounty campaign. They include fixes for: * A remote code execution… (View Post)4
(Quote) I'm afraid only one of us has FileZilla to determine the root cause of that one. :) (View Post)1