Important security updates to our extensions

Important security updates to our extensions

Security-Patch---Newsletter---600x300.png

 

It has come to our attention that there are several security advisories that may cause our extensions to disclose the absolute path of your site. We have addressed all these issues within the first 30 minutes after we have received this report and due to security concerns and the safety of our customer's sites, we will not be disclosing any changes on this blog post until further notice.

It is important that if you are using our extensions, please ensure they are all updated to the latest and greatest versions below:

 

EasySocial

Please ensure that you are running v1.1.6 . Changelog can be found at http://stackideas.com/changelog/easysocial

 

EasyBlog

Please ensure that you are running v3.9.15210 . Changelog can be found at http://stackideas.com/changelog/easyblog

 

EasyDiscuss

Please ensure that you are running v3.2.9304. Changelog can be found at http://stackideas.com/changelog/easydiscuss

 

Komento

Please ensure that you are running v1.7.4. Changelog can be found at http://stackideas.com/changelog/komento

SectionEx

Please ensure that you are running v2.5.118. Changelog can be found at http://stackideas.com/changelog/sectionex

 

 

Subscription Expired?

If you have an expired subscription, you can use the coupon code RENEW30 to obtain 30% discounts for your renewal.

 

 

 

Comments (21)

Thanks for the update Mark. As I work through my updates, I'm wondering if there are any thoughts about allowing notification and updating through the Watchful.li? Thanks for all you do. Each additional website I work on and improve, the more I am thoroughly impressed with the component.

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    Stephen Crewson

We actually do plan to ensure all our products are compatible with Watchful.li in the near future. At least it's in our roadmap for 2014

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    Mark

Thanks Mark. That's great news. I realized too that after manually updating Easyblog that there is a feature in Watchful that would have simplified the process for me. If a user goes to their Watchful Dashboard they can click on Install which will take them to the next steps which are pretty straightforward after that. Thanks again.

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    Stephen Crewson

Yep, we've actually tested them ourselves and it does seem to work pretty flawlessly. Something that we should take a look at in the near future

  Attachments
Your account does not have privileges to view attachments in the comment
 

Thanks for update, Mark

I wonder is there any news about easysocial 1.2. I mean any timeframe? And if possible take a look at your demo, i think i will change my web site structure based on new verison ( i saw some pictures of new version). So, in this free time, i can prepare my web site for new version. i have 6 major joomla extentions besides easysocial. But all of their design and structures based on easysocial...

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    gökhan

We are still updating some major parts of EasySocial 1.2 but I believe a beta should be possible real soon Stay tune for more updates!

  Attachments
Your account does not have privileges to view attachments in the comment
 

Thanks Mark - I have only just discovered Stack Ideas products and have bought Easy Discuss for my community website, Go Weardale, so will be updating the extension this evening.

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    DigitalSoda

Great choice. You are going to be extremely pleased by Stack Idea Products and their exceptional service. It's been worth every penny for me and one more reason why I continue to use Joomla.

  Attachments
Your account does not have privileges to view attachments in the comment
 

Thanks If you need any help, let me know.

  Attachments
Your account does not have privileges to view attachments in the comment
 

If it possible to see the stackideas's component installer(It may be a little plugin). I am a big fan of Stackideas.
I have 4 products of stackideas, It really boring to set login provider, user group for each components.

  Attachments
Your account does not have privileges to view attachments in the comment
 

Well done for the fast response and updates, keep up the good work. You may also send an email to your customer telling them to be aware about this important security updates.

  Attachments
Your account does not have privileges to view attachments in the comment
 

Thanks Hex, we actually did send an email to our customers via our subscription system. Are you subscribed?

  Attachments
Your account does not have privileges to view attachments in the comment
 

Where can i Download the fixed files for EasyDiscuss 3.2.9248? Changelog for 3.2.9304 does not show me wich files are include the Security fix!?

  Attachments
Your account does not have privileges to view attachments in the comment
 

Hello Rene,

In order to protect our customers, we'll only be releasing this patch files a week from now so that our customers have time to update their products. You can download the latest version and upload it through the Extensions Manager.

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    Mark

In order to protect our customers, we'll only be releasing this patch files a week from now so that our customers have time to update their products.
sorry but i don't unterstand your reply..you will wait a week from now and then you will releasing patch files for 3.2.9248? what is the protect if you wait a week before you offer a patch for older versions?

  Attachments
Your account does not have privileges to view attachments in the comment
 

This is so that our customers have time to update their site.

  Attachments
Your account does not have privileges to view attachments in the comment
 
  1.    Mark

hmm ok..but in the meantime you could send me the fixed files to my e-mail, or? if it's a important security issue then i should not wait a week.

  Attachments
Your account does not have privileges to view attachments in the comment
 

Is there a patch for security fix for expired suscriptions?

  Attachments
Your account does not have privileges to view attachments in the comment
 

Hi - Where are you in the process of addressing security and other concerns related to your extensions? I have someone that is looking for a blog component for Joomla, and I am hesitant to recommend EasyBlog given some information I've heard relatively recently. I have personal experience with EasyDiscuss, and recently let my subscription for it expire due to security concerns. We removed it from 2 sites where it was used, and removed it from consideration on 3 other sites. In addition, a...

Hi - Where are you in the process of addressing security and other concerns related to your extensions? I have someone that is looking for a blog component for Joomla, and I am hesitant to recommend EasyBlog given some information I've heard relatively recently. I have personal experience with EasyDiscuss, and recently let my subscription for it expire due to security concerns. We removed it from 2 sites where it was used, and removed it from consideration on 3 other sites. In addition, a very large client is running it, and we are poised to recommend removing it there as well. Thanks in advance for promptly addressing these items.

Read More
  Attachments
Your account does not have privileges to view attachments in the comment
 

Hello Jay,

If you have any issues with security, get in touch with us As far as we are aware of, we have already addressed all security related issues

  Attachments
Your account does not have privileges to view attachments in the comment
 

Hi Mark - When I receive an email that specifies everything from a company should be avoided, it certainly gets my attention. Can you point out specifically what has been done to EasyBlog to address these issues? It doesn't matter to me about EasyDiscuss as I have no intention of getting back into that at this point. Thanks!

  Attachments
Your account does not have privileges to view attachments in the comment
 
There are no comments posted here yet

Subscribe To Our Blog

Subscribe to our blog by entering your email address:

Thanks! You have subscribed to our newsletter.

We have acquired PayPlans from ReadyBytes

Wednesday, 06 September 2017 by Mark

EasySocial 2.1 Alpha Released

Wednesday, 30 August 2017 by Mark

Introducing EasyArticles

Thursday, 25 May 2017 by Mark

Echo Template Released

Tuesday, 24 January 2017 by Sylvie