Revive Adserver 3.0.5
16 May 2014
Revive Adserver version 3.0.5 is now available (security release).
Upgrading to Revive Adserver 3.0.5
Revive Adserver 3.0.5 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Revive Adserver updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Revive Adserver install to test the 3.0.5 upgrade prior to applying it live. Get started managing your Revive Adserver installations with Installatron
What's New in Revive Adserver 3.0.5
Security
- CVE-2013-5954 - Fixed CSRF vulnerability a number of UI pages performing delete and unlink actions (www/admin/admin-user-unlink.php, www/admin/advertiser-delete.php, www/admin/advertiser-user-unlink.php, www/admin/affiliate-delete.php, www/admin/affiliate-user-unlink.php, www/admin/agency-delete.php, www/admin/agency-user-unlink.php, www/admin/banner-delete.php, www/admin/campaign-delete.php, www/admin/channel-delete.php, www/admin/tracker-delete.php, www/admin/userlog-delete.php and www/admin/zone-delete.php). For more information: http://www.revive-adserver.com/security/revive-sa-2014-001
New Features
- An error message is now displayed when trying to install or upgrade Revive Adserver with unsupported PHP 5.4/5.5 versions (< 5.4.20 or < 5.5.2).
- Updated the MaxMind GeoIP plugin to include the May 2014 MaxMind GeoCountry database.
Bug Fixes
- Fixed bad translation in the Russian language translation.
- Fixed history statistics screens to prevent displaying future dates when showing "All statistics".
- Fixed broken "DeliveryDataPrepare:dataPageInfo" and "DeliveryDataPrepare:dataUserAgent" components of the standard delivery logging plugin.
- Added proper Content-Type header with charset to some scripts in order to override the webserver default.
- Changed a few occurrences of the non-existing "Content-Size" header to "Content-Length".
- Switched a few deprecated "ereg" calls to "preg" in PEAR libraries.