Tiki 1.7.7 is available since 2004-05-16.

1.7.7 backports some security problems addressed in Tikiwiki 1.8.2, mainly Path Disclosure, XSS and improved CSRF routines (thanks to http://gulftech.org). It is offered for Eta Carinae Tikis that don't want to go to Polaris.

Damian Parker was the coordinator of this release.

Some links for more information about this release

Upgrade instructions

Those on ReleaseNotes181 are the best available.

Changes since 1.7.6

Bugs known to have been introduced

Security improvements

  • Creation of index.php to prevent directory listing
  • All libraries protect against being called directly
  • var check cleaning

Other changes

Page last modified on Thursday 24 June 2004 02:01:00 GMT-0000