Updated: Upgrade (v6.01.10)
Posted by Falk on 04/13/2007

---

It seems some people have been having trouble with image uploading since the update to v6.01.10. I have been working to resolve this issue and have discovered that the use of the html_entity_decode() function has been causing images to fail thus not uploading. This issue has now been addressed and if you are having problems simply re-apply the patch below.

Original news item:
Just when you thought Friday the 13th could pass without any problems, a new exploit has been reported by CodeRS. A slight flaw has been discovered in the verify_image() function used to ensure that images do not contain malicious code. But, don't panic, because I am pleased to report that this problem has been addressed and a patch is now available for download (v6.01.10). All users are advised to upgrade immediately. We remain fully committed to the security of our CMS and will continue to fix problems should they arise as quickly as possible.

Existing v6.01.9 users can download the file '6.01.10 Update for v6.01.9 and simply upload the included files and click upgrade under System Admin. if you are running an earlier version of 6.01.x you will first need to apply the previous updates first. The full sourceforge package has been updated.

PHPFusion 6.01.10 Update FOR V6.01.9 ONLY (10Kb).
PHPFusion 6.01.10 (2.04Mb).