=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2009/VULN108
_____________________________________________________________________

DATE                      : 23/03/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running TikiWiki versions prior to 2.3.

======================================================================
http://info.tikiwiki.org/tiki-read_article.php?articleId=51
______________________________________________________________________

TikiWiki CMS/Groupware 2.3 is released!
By: Marc Laporte on: March 18, 2009 06:07 pm PST (521 Reads)
Print
It is with great pleasure that the TikiWiki community releases TikiWiki
CMS/Groupware 2.3

Tiki 2.3 is a security & bugfix release of version 2.2

Updating to version 2.3 is highly recommended. In addition to several
minor fixes and enhancements, the update addresses an XSS vulnerability.
Special thanks to iliz for reporting. No database update required by
this release.

Get TikiWiki 2.3 here:
https://sourceforge.net/project/showfiles.php?group_id=64258&package_id=266122 (external link)

changelog (external link)
http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/branches/2.0/changelog.txt?view=markup

More information on 2.0
http://doc.tikiwiki.org/TikiWiki+2.0 (external link)
http://info.tikiwiki.org/art35

More information on 2.1
http://info.tikiwiki.org/art40

More information on 2.2
http://info.tikiwiki.org/art41

As always, please report any security issues to security.tikiwiki.org (external link)


Work is ongoing on TikiWiki 3.0, which will be released in April 2009. The main focus of
version 3.0 will be further enhancements to the user interface, the admin interface, the
theme system and built-in themes. Additional goodies include webservices and enhancements
to the plugins.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================