Page 1 of 1

Opencats 0.9.4-3 Security Update

Posted: 29 Jul 2019, 14:15
by ronswift2
After installing this upgrade on Ubuntu 14.04 server with existing MariaDB data, applicant and job details do not display.
Please help, thanks

Re: Opencats 0.9.4-3 Security Update

Posted: 09 Aug 2019, 16:23
by RPH
Hi,

I'm using Ubuntu 18.4 LTS and am having the same problem.
I have tried a new installation, restoring a backup and installing in existing site.
All the candidates (existing and newly created after install) aren't being displayed.

I have tried the installation on about 4 distros now ubuntu, mint, lubuntu and mate (just increase it was a problem on my machine)

Best Regards,

Rene

Re: Opencats 0.9.4-3 Security Update

Posted: 09 Aug 2019, 16:44
by ronswift2
I would hope the developer address this issue since the security issue it is suppose to resolve is quite serious.

Re: Opencats 0.9.4-3 Security Update

Posted: 03 Sep 2019, 07:44
by Zuidpl
Has the OpenCATs demo site been updated?
The candidate and job page works on the demo site.

Re: Opencats 0.9.4-3 Security Update

Posted: 03 Sep 2019, 11:44
by RussH
Hi,

the change required for this security vulnerability is quite small - as per the blog post here, it can be made manually to an existing installation. http://www.opencats.org/news/

Re: Opencats 0.9.4-3 Security Update

Posted: 04 Sep 2019, 07:31
by Zuidpl
Oke thanks will do.

Re: Opencats 0.9.4-3 Security Update

Posted: 04 Sep 2019, 21:53
by RPH
But just FYI the newest version has a problem so anyone new to opencats that downloads that version will not be able to see cantidate's details or job-orders.

Re: Opencats 0.9.4-3 Security Update

Posted: 05 Sep 2019, 11:53
by RussH
Okay, so the new version. I really need a FAQ someplace as we've been over this a fair bit!

If you download the source.zip you will have to run composer so that the dependencies are downloaded. True - the previous release did have an alternative download that also bundled all the dependencies, will see if I can recreate that for this patch.

Thanks for the info

Re: Opencats 0.9.4-3 Security Update

Posted: 05 Sep 2019, 12:30
by Zuidpl
Ah..ha.. oke i had no idea, i just followed the documentation.. good to know thanks for the expanation!

Re: Opencats 0.9.4-3 Security Update

Posted: 09 Sep 2019, 19:27
by ronswift2
After applying the fix that was recommended it appears that docx files are blocked from upload whereas doc and pdf files are acceptable.
Please review and respond. thanks.