Newscoop 4.0.3 addresses security issue and improves media archive stability

Date Submitted: December 13 2012 06:04 pm
Posted By: The Newscoop development team
Newscoop 4.0.3 has been released to patch a vital security issue, improve the media archive and fix several non-critical bugs associated with topics, caching and upgrades.

Download Newscoop 4.0.3 free!

Newscoop installation is supported on Ubuntu Linux 10.04 (Lucid), Debian GNU/Linux 6.0 (Squeeze), and Red Hat Enterprise Linux 6.2 (Santiago).

This release offers a fix to a vulnerability that exploited the Admin interface’s password restore. We posted an immediate fix in the forums as exploitation of this issue could potentially allow attackers to gain Admin access to the site. This patch permanently fixes that issue, and allows full use of the password restore functionality. Upgrade is therefore highly recommended for all users.

In addition, there are improvements to the media archive that offer far greater stability to news organisations with large collections of images (in theory, it can now handle millions of images much faster due to two levels of sub directories). Plus articles, topics, themes and performance have all seen minor fixes and improvements.

Here’s the full list of fixes...

Headlines

Vital security patch fixing vulnerability on password recovery.
Improved storage schema for images means more stability for large media archives with lots of pictures

Article Behaviour

Fixed issue preventing creation of section when translating article
Fixed problem with article type field not being considered empty due to 'is content' stats
File size upload limit can now be set in System Preferences

Topics

Empty topic no longer created on adding a new topic with a used name
Correct link now used after renaming a topic to a used name

Themes and Templates

New template syntax (role="child") allows you to list related articles in a different way
Length argument is no longer ignored in list_related_articles

Speed, Performance and Caching

Caching improved by ensuring get_img returns correct headers for expiration
All jQuery resources load on https setups
Added a ‘Remind me Never’ button to feedback screen
Plugin classes must register to auto-loading classes map
Plupload examples allows to upload files w/o any authentication

Dependencies and Upgrades

User schema no longer contains null columns after upgrade from 3.5
liveuser table UName can no longer be null after upgrade from 3.5 (this made it impossible to register)
Use of composer to handle dependencies.
Remove Doctrine from library directory as it is now handled via composer.
Added strict error reporting in MAMP
Proxy generation now works for entities out of library/Newscoop/Entity

What was new in Newscoop 4?

Back in April we published this series of screencasts http://www.sourcefabric.org/en/community/blog/1199/Your-guide-to-what's-new-in-Newscoop-4.htm outlining the major features in Newscoop 4. New features for this series included an overhauled media archive, drag-and-drop front page management, intelligent image renditions, Dynamic Maps and numerous citizen journalist and community management tools.

Resources

Download Newscoop 4.0.3 free! http://www.sourcefabric.org/en/newscoop/download/
No server? Try Newscoop Pro! http://sourcefabric.com/en/newscooppro/
Need help? Try the manual. http://www.flossmanuals.net/newscoop-4-journalists-en-4-0/

Post A Comment

Name:
Comment:
Human Verifier:
(enter the 4 blue numbers you see above)
 
Error! Invalid human verify code
Thank you for your comment. After we have reviewed your comment (to make sure it is not spam) it will be posted below.

veery-contrast