DNN Blog Archive

Search DNN Blogs

KeywordsPhrase

DNN Bloggers

	View All Recent Entries
	Alec Whittington (11)
	Alex Shirley (10)
	Andrew Nurse (30)
	Anthony Glenwright (5)
	Antonio Chagoury (28)
	Ash Prasad (6)
	Benjamin Hermann (16)
	Benoît Sarton (9)
	Bill Walker (36)
	Bob Kruger (2)
	Brice Snow (1)
	Bryan Andrews (1)
	Cathal Connolly (44)
	Charles Nurse (130)
	Chris Hammond (175)
	Christopher Paterra (50)
	Cuong Dang (19)
	Daniel Bartholomew (2)
	Dave Buckner (2)
	Doug Howell (11)
	Erik van Ballegoij (22)
	Ernst Peter Tamminga (52)
	Gilles Le Pigocher (2)
	Ian Robinson (5)
	Israel Martinez (10)
	Jan Blomquist (3)
	Jenni Merrifield (6)
	Joe Brinkman (200)
	Jogi Nijjar (0)
	Jon Henning (14)
	Keivan Beigi (3)
	Ken Grierson (7)
	Kevin Schreiner (6)
	Leigh Pointer (31)
	Lorraine Young (60)
	Matthias Schlomann (8)
	Mauricio Márquez (5)
	Michael Washington (201)
	Mike Horton (17)
	Mitchel Sellers (16)
	Navin Nagiah (13)
	Néstor Sánchez (30)
	Nik Kalyani (14)
	Patrick Santry (3)
	Peter Donker (32)
	Philip Beadle (133)
	Richard Dumas (11)
	Rob Chartier (0)
	Robert J Collins (5)
	Roger Selwyn (2)
	Rubén López Aparicio (1)
	S. Shawn Mehaffie (17)
	Salar Golestanian (4)
	Sanjay Mehrotra (9)
	Scott McCulloch (1)
	Scott Schlesier (4)
	Scott Willhite (85)
	Sebastian Leupold (67)
	Shaun Walker (196)
	Stefan Cullmann (7)
	Stefan Kamphuis (7)
	Steve Fabian (26)
	Tam Tran Minh (0)
	Timo Breumelhof (24)
	Vicenç Masanas (26)
	Vincent Nguyen (2)
	Vitaly Kozadayev (6)
	Will Morgenweck (20)
	Will Strohl (102)
	William Severance (5)

DNN Blog

DNN 4.5.3 Change Log

May 30

Posted by: Sebastian Leupold
5/30/2007

DotNetNuke Version 4.5.3 has been released today as a quick update. Its mai purpose was to fix two security related issues. The complete list of changes reads as follows:

banner advertising disabled for all users by default

tab permission grid issue, where individual user permissions affected "all users" role's permission

incorrect display of "Upgrade available" icon for Layout Objects in Module Definitions eliminated

issue with login page redirect after signin corrected

updated ModuleControl definition for Adsense module and FeedbackExplorer, removing SolutionsExplorer

problem with [custom] tokens in system messages fixed

Trackback Print

Tags:

Categories:

Location: Blogs Parent Separator

Sebastian Leupold

3 comment(s) so far...

Re: DNN 4.5.3 Change Log

You mentioned that there were two security related fixes in 4.5.3. I don't see a Security Bulletin posted for them.

Can you give more information on the severity rating (or other description) of those issues? (I need them for servicing a security update for a client.)

Thanks!

By dagilleland on 6/1/2007

Re: DNN 4.5.3 Change Log

Dagilleland,
there is no intrusion risk, it is more an UI issue to misconfigure page permissions, granting unwanted permissions to all users if not being careful, when saving page settings. The risk only shows up, if you are assigning permissions to individual users (newly introduced in DNN 4.4.1)

By leupold on 6/1/2007

Re: DNN 4.5.3 Change Log

Thanks!
I have actually seen that problem occur. Good to know it's been rectified!
- Dan

By dagilleland on 6/1/2007

Advertisers

DotNetNuke Corporation

DotNetNuke Corp. is the steward of the DotNetNuke open source project, the most widely adopted Web Content Management Platform for building web sites and web applications on Microsoft .NET. Organizations use DotNetNuke to quickly develop and deploy interactive and dynamic web sites, intranets, extranets and web applications. The DotNetNuke platform is available in a free Community and subscription-based Professional and Enterprise Editions with an Elite Support option. DotNetNuke Corp. also operates Snowcovered.com where users purchase third party apps for the platform.

Community
- Get Involved
- Extension Forge
- Forum
- Blog
- Teams
- Recognition
Resources & Support
Partners
News Room
App Gallery
What is DNN
Get Started
- Downloads
- Video Instruction
In Action
About Us
sales@dnncorp.com (650) 288 - 3150 (650) 288 - 3191

Hosted by MaximumASP