www.yiiframework.com
Open in
urlscan Pro
2a01:4f8:1c0c:63e7::1
Public Scan
URL:
https://www.yiiframework.com/news/87/yii-2-0-5-is-released-security-fix
Submission: On September 28 via manual from US — Scanned from DE
Submission: On September 28 via manual from US — Scanned from DE
Form analysis
1 forms found in the DOMGET /search
<form id="search-form" class="navbar-form" action="/search" method="get">
<input type="hidden" name="type" value="news">
<div class="form-group nospace">
<div class="input-group">
<input type="text" class="form-control" id="search" name="q" placeholder="Search News…" autocomplete="off" value="" style="width: 226px;">
</div>
</div>
<div id="search-resultbox" style="width: 350px;"></div>
</form>
Text Content
* Guide * API * Wiki * Forum * Community * Live Chat * Extensions * Resources * Members * Hall of Fame * Badges * More * Learn * Books * Resources * Develop * Download Yii * Report an Issue * Report a Security Issue * Contribute to Yii * Donate * About * What is Yii? * Release Cycle * News * License * Team * Official Logos and Design * Login Yii Framework News Jul 11, 2015 YII 2.0.5 IS RELEASED (SECURITY FIX) We are releasing Yii 2.0.5 to fix a security issue found in the yii\web\ViewAction class. We urge all users of the class to upgrade their Yii installation to this latest release. Upgrading from 2.0.4 to this release is very safe as the release does only contain the bugfix for the vulnerability and will not break your existing code. The vulnerability is in the ViewAction action. It is possible to execute any PHP file (a file ending with .php) on the disk by passing a relative path via view parameter. Since the issue was posted on the public issue tracker and is already known, we've fixed it and decided to make this release immediately. We have reserved a CVE number (CVE-2015-5467) for this issue, which you can use to refer to it. RELATED NEWS * Yii 2.0.47 * Yii 1.1.27 is released * Yii 1.1.28 is released and security support extended * Yii 2.0.48 * Yii 2.0.49 TAGS * release * security NEWS ARCHIVE * 2023 (66) * 2022 (82) * 2021 (101) * 2020 (64) * 2019 (75) * 2018 (32) * 2017 (35) * 2016 (30) * 2015 (9) * 2014 (6) * 2013 (11) * 2012 (14) * 2011 (10) * 2010 (10) * 2009 (23) * 2008 (5) * About * About Yii * News * License * Contact Us * Downloads * Framework * Documentation * Extensions * Logo * Documentation * Guide * API * Wiki * Resources * Development * Contribute * Latest Updates * Report a Bug * Report Security Issue * Community * Forum * Live Chat * Facebook Group * Hall of Fame * Badges * * Terms of service * License * Website Source Code * * © 2008 - 2023 Yii * Design: Eshill * * Terms of service * License * Website Source Code * * © 2008 - 2023 Yii * Design: Eshill * Supported by * *