MovableType.org : All-in-One Social Publishing Platform »Movable Type 5.12, 5.06, and 4.37 Security Updates

Movable Type 5.12, 5.06, and 4.37 Security Updates: "

Movable Type 5.12, 5.06, and 4.37 were released as mandatory security updates. These updates resolve multiple vulnerabilities discovered in Movable Type 5.x and Movable Type 4.x. All users must upgrade to this latest release immediately.

The impact of the vulnerabilities

Under certain circumstances, a user who has 'Create Entries' or 'Manage Blog' pemissions may be able to read known files on the local file system.

Versions Affected

• Movable Type Open Source 4.x


• Movable Type Open Source 5.x


• Movable Type 4.x ( with Professional Pack, Community Pack )


• Movable Type 5.x ( with Professional Pack, Community Pack )


• Movable Type Enterprise 4.x

Solution

Please upgrade to the latest versions of Movable Type 4 or Movable Type 5.

• Movable Type Open Source 4.37


• Movable Type Open Source 5.06


• Movable Type Open Source 5.12


• Movable Type 4.37( with Professional Pack, Community Pack)


• Movable Type 5.06( with Professional Pack, Community Pack)


• Movable Type 5.12( with Professional Pack, Community Pack)


• Movable Type Enterprise 4.37


• Movable Type Advanced 5.12

Download

• Download Movable Type Open Source


• Download Movable Type Pro


• Download other packages (including MT5.06)

(What is the difference?)

Installation/upgrade instructions

• Installation guide


• Upgrade guide


• Movable Type 5.12 / 5.06 / 4.37 release notes

Fixed issues

The following issues were fixed in MT5.12.

• 106303 Published URL was changed after upgrading to 5.1x

The following issues were fixed in Movable Type 5.12, 5.06, and 4.37.

• 106307 Permission error when saving custom fields settings without a system administration privilege

"