시스템 보안 업데이트 3.1.0 -> 3.1.2 업데이트 일괄 적용 완료.

작성 : 2016-12-23 18:03:53
작성자 DWEBS
타입

솔루션의 시스템 코어의 보안 업데이트가 이루어졌습니다.

 

기존 

3.1.0 

 

업데이트

3.1.2

 

금번 업데이트 이후 사이트내의 문제가 발생한다면 문의 남겨주시면 신속히 해결하여 드리겠습니다.

 

 

 시스템의 일괄 업데이트 적용은 저희 디웹스가 개발한 자체솔루션의 특 장점중 하나입니다.

 

디웹스는 모든 클라이언트분들이 사업에만 전념 하실 수 있도록 항상 노력하고 있습니다.

디웹스를 선택해 주셔서 감사합니다.

- 디웹스 -

Change Log

Version 3.1.2

Release Date: Oct 28, 2016

  • Security
    • Fixed a number of new vulnerabilities in Security Library method xss_clean().
  • General Changes
    • Allowed PHP 4-style constructors (Mathching_name::Matching_name() methods) to be used as routes, if there’s a __construct() to override them.

Bug fixes for 3.1.2

  • Fixed a regression (#4874) - Session Library didn’t take into account session.hash_bits_per_character when validating session IDs.
  • Fixed a bug (#4871) - Query Builder method update_batch() didn’t properly handle identifier escaping.
  • Fixed a bug (#4884) - Query Builder didn’t properly parse field names ending in ‘is’ when used inside WHERE and HAVING statements.
  • Fixed a bug where CI_LogCI_OutputCI_Email and CI_Zip didn’t handle strings in a byte-safe manner when mbstring.func_override is enabled.

Version 3.1.1

Release Date: Oct 22, 2016

Bug fixes for 3.1.1

  • Fixed a bug (#4732) - Session Library triggered errors while writing data for a newly-created sessions with the ‘memcached’ driver.
  • Fixed a regression (#4736) - Image Manipulation Library processing via ImageMagick didn’t work.
  • Fixed a bug (#4737) - Query Builder didn’t add an OFFSET when LIMIT is zero or unused.
  • Fixed a regression (#4739) - Email Library doesn’t properly separate attachment bodies from headers.
  • Fixed a bug (#4754) - Unit Testing Library method result() didn’t translate res_datatype.
  • Fixed a bug (#4759) - Form ValidationTrackback and XML-RPC libraries treated URI schemes in a case-sensitive manner.
  • Fixed a bug (#4762) - Cache Library ‘file’ driver method get_metadata() checked TTL time against mtime instead of the cache item’s creation time.
  • Fixed a bug where File Uploading Library generated error messages on PHP 7.1.
  • Fixed a bug (#4780) - compatibility function hex2bin() didn’t reject inputs of type “resource”.
  • Fixed a bug (#4787) - Form Validation Library method valid_email() triggered E_WARNING when input emails have empty domain names.
  • Fixed a bug (#4805) - Database driver ‘mysqli’ didn’t use the MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT flag properly.
  • Fixed a bug (#4808) - Database method is_write_type() only looked at the first line of a queries using RETURNING with the ‘postgre’, ‘pdo/pgsql’, ‘odbc’ and ‘pdo/odbc’ drivers.
  • Fixed a bug where Query Builder method insert_batch() tried to execute an unsupported SQL query with the ‘ibase’ and ‘pdo/firebird’ drivers.
  • Fixed a bug (#4809) - Database driver ‘pdo/mysql’ didn’t turn off AUTOCOMMIT when starting a transaction.
  • Fixed a bug (#4822) - CAPTCHA Helper didn’t clear expired PNG images.
  • Fixed a bug (#4823) - Session Library ‘files’ driver could enter an infinite loop if mbstring.func_override is enabled.
  • Fixed a bug (#4851) - Database Forge didn’t quote schema names passed to its create_database() method.
  • Fixed a bug (#4863) - HTML Table Library method set_caption() was missing method chaining support.
  • Fixed a bug (#4843) - XML-RPC Library client class didn’t set a read/write socket timeout.
  • Fixed a bug (#4865) - uncaught exceptions didn’t set the HTTP Response status code to 500 unless display_errors was turned On.
  • Fixed a bug (#4830) - Session Library didn’t take into account the new session INI settings in PHP 7.1.