Note : This patch was updated on the 5th of March, 2012 after the initial release on the 1st of March. If you still see the "Template load error" after applying the initial patch, please download again and re-apply the patch.
Thanks to the community feedback, we found an issue in Movable Type 5.13, 5.07, and 4.38 Security Updates and created a patch to resolve it. Due to the more strict policy in 5.13, 5.07 and 4.38, some plugins produce the "Template load error". There are two ways to resolve this error:
- Fix your plugin to meet the security policy in 5.13 / 5.07 / 4.38.
- Apply the patch and enable AllowFileInclude configuration directive to moderate the strict security policy.
It is recommended to (1) fix the plugin because AllowFileInclude weakens the protection against malicious plugins and templates. Please do not forget to disable AllowFileInclude directive once you update your plugin to the fixed version.
Please refer to the following pages for details.
- Movable Type 5.13, 5.07, and 4.38 patch 1 release notes
- How to apply the patch
- How to fix your plugin
If you are not seeing this "Template load error" after your upgrade, you don't need to apply this patch. This patch will be included in the next release of Movable Type.
Mihai Bocsaru
March 2, 2012 2:11 PM | Reply
I've already seen this in action inside one of my projects, so thanks for releasing this fix Jun!
Kind Regards,
Mihai Bocsaru
Bill
March 4, 2012 8:45 PM | Reply
If we are not experiencing the "Template load error" after updating to 5.13 / 5.07 / 4.38 is it still recommended to install this patch?
Jun Kaneko
March 4, 2012 9:20 PM | Reply
Hi bill,
No, you don't have to install the patch if you are not seeing the error.
The fix will be included in the next release of Movable Type ( 5.14 ).
Mihai Bocsaru
replied to comment from Bill
March 7, 2012 1:14 PM | Reply
I would still recommend implementing the patch, as a principle.
Mihai Bocsaru
March 7, 2012 1:17 PM | Reply
Hi Jun,
Please consider integrating the v5.13 patch inside the v5.13 product versions available for download.
That way we could make sure that anybody downloading the product from now on, would have the patch included in the installation files.
Once that is done, you could add a notice here that since March the XXth, this patch is included on the v5.13 installation package.
Thanks,
Mihai
Jun Kaneko
replied to comment from Mihai Bocsaru
March 7, 2012 6:05 PM | Reply
Mihai,
Thanks for your thought. We must ship a new version to change the code otherwise nobody can tell which versions of the software she is using.
Mihai Bocsaru
replied to comment from Jun Kaneko
March 8, 2012 6:45 AM | Reply
I was just thinking to add this fix to the downloadable version and then to put a notice on this page that from today on this patch is inside the version that is available for download.
Thanks,
Mihai
Andon Ivanov
March 21, 2012 2:28 AM | Reply
I don`t understand, if i download final version this patch its appled or need to apply after instal MT?
Davideo
March 23, 2012 1:53 AM | Reply
Bonne nouvelle ! Je dois lancer un nouveau site. Je vais pouvoir me servir de la dernière version de MT!
cakesdeliveryhyderabad
April 12, 2012 12:33 AM | Reply
Cakes give the reasons to go delicious, and that’s the reason that this king of confectionary items centre all the celebrations and moods. The mood will go crazy now, for, the cake specialist called CakesDeliveryHyderabad.com is on action now. Join the cake cascade that www.cakesdeliveryhyderabad.com is filled with.
Mellany High
July 3, 2012 6:02 AM | Reply
I've done it twise but I still got the error message. After 24 hours delay and another downloading it has been fixed.
Russin
September 25, 2012 10:12 AM | Reply
Good patch update to stop malicious plugins and templates
Phen375
October 11, 2012 8:13 PM | Reply
I don't know but i am little bit confuse over this patch. I need to install it or what?
Bosbirding
October 12, 2012 3:02 AM | Reply
Very nice and interesting post. I like the idea of this patch and i hope everyone knows it better before using it.
broanrange
October 14, 2012 10:30 PM | Reply
wow,really thanks for your great update.just got "Template load error" before.so already download the file,ready to upgrade now.Cheerz.:?
6500k cfl
October 23, 2012 12:14 AM | Reply
Hi thanks for sharing. Movable Type is great.
Deer antler velvet
October 26, 2012 5:33 AM | Reply
i really enjoy this post,thx for share.
battery
October 28, 2012 11:43 PM | Reply
thanks for sharing..
iwin.vn
November 5, 2012 8:47 PM | Reply
thanks for the post. All of us on the Movable Type team are excited to show off what we've been able to do thanks to the efforts of our community.
Joe Flacco Jersey
November 9, 2012 8:09 PM | Reply
thanks for the post.Fantastic article, I can’t wait to view more
huanghaiqing
November 10, 2012 2:10 AM | Reply
Bonne nouvelle ! Je dois lancer un nouveau site. Je vais pouvoir me servir de la dernière version de MT!
beijing escort
replied to comment from Mihai Bocsaru
November 11, 2012 4:31 AM | Reply
Thank you posting relative informatio
christian louboutin replica
December 25, 2012 1:27 AM | Reply
yes, I will try it