I simply downloaded the latest phpthumb and replaced the files in core/model/phpthumb/ with the new ones, and so far I haven't had any problems with it.
-
- 53 Posts
Just wanted to mention that this never made it into the Security Notices. I know there's been a more recent vulnerability that required updates anyway, but this one's a few months older and I found this while researching the same issue on another site I maintain. Are there other issues like this that generally don't make it in there, or did this just get overlooked? I try to keep things upgraded, but with a few dozen sites to maintain, I also rely on those notices for the really important things.
If there's a better way to do it, I'll find it.
-
- 53 Posts
Yeah, the most recent version of MODX has been updated as well. The MODX team is just really good about posting Security Notices, whether they affect the core files or Extras, from what I can tell. I'm wondering if this somehow got missed, or if I was wrong about my assumption that all things MODX-related end up in the Security Notices.
If there's a better way to do it, I'll find it.
-
- 53 Posts
I usually do read those. Either I just missed it that time, or didn't think about it applying to other sites for whatever reason. Or I was just doing too many sites at once and my eyes glazed over.
We have SO many sites to upgrade when a new version of MODX comes out that we've been talking about scripting the upgrade process for the backup/wget/unzip/rsync part of the process, just haven't gotten around to it. Even the browser upgrade process is pretty much clicking a button that's some variation of "OK" or "Next" over and over. I keep wondering if I could go all the way and write an Extra, but I feel like someone would have done it by now if it were possible. I have to admit the WP upgrade process is one advantage it has over MODX. One of the few, IMO, but still. ;-)
Sorry, off-topic ramble there.
If there's a better way to do it, I'll find it.