Movable Type 5.12, 5.06, and 4.37 were released as mandatory security updates. These updates resolve multiple vulnerabilities discovered in Movable Type 5.x and Movable Type 4.x. All users must upgrade to this latest release immediately.
The impact of the vulnerabilities ¶
Under certain circumstances, a user who has "Create Entries" or "Manage Blog" pemissions may be able to read known files on the local file system.
Versions Affected ¶
- Movable Type Open Source 4.x
- Movable Type Open Source 5.x
- Movable Type 4.x ( with Professional Pack, Community Pack )
- Movable Type 5.x ( with Professional Pack, Community Pack )
- Movable Type Enterprise 4.x
Solution ¶
Please upgrade to the latest versions of Movable Type 4 or Movable Type 5.
- Movable Type Open Source 4.37
- Movable Type Open Source 5.06
- Movable Type Open Source 5.12
- Movable Type 4.37( with Professional Pack, Community Pack)
- Movable Type 5.06( with Professional Pack, Community Pack)
- Movable Type 5.12( with Professional Pack, Community Pack)
- Movable Type Enterprise 4.37
- Movable Type Advanced 5.12
Download
- Download Movable Type Open Source
- Download Movable Type Pro
- Download other packages (including MT5.06)
Mihai Bocsaru
June 28, 2011 11:37 AM | Reply
Thanks for another round of improvements!
There releases are available for instant online evaluation at:
http://www.movabletypedemo.org/
Kind Regards,
Mihai Bocsaru
Daily Movable Type Consultant
Mihai Bocsaru
July 28, 2011 10:34 AM | Reply
Also, good if you could share with us what is your plan for the upcoming versions, say v5.13 and v5.14.
I personally look forward to see the ability of having blogs without a parent website, at least when upgrading an earlier series (say v3.x or v4.x) to movable type v5.x.
Many thanks,
Mihai Bocsaru
bet365
November 6, 2011 10:44 AM | Reply
I totally agree with Mihai Bocsaru, I would really appreciate it if you could share with us what is your plan for the upcoming versions, say v5.13 and v5.14.
Waiting for an answer. Thank you very much!
Regards,
Ionut Pop