Ushahidi Platform v2.4 - Bug Fix Release

Ushahidi
May 31, 2012

It's that time of the month again when we release a newer version of the Ushahidi platform. As with the last one, this is also a bug fix release so no new features - just some ironing on what already exists. The Ushahidi core platform and Crowdmap are both updated.

Bug Fixes include

Scheduler Fixed: A 500 error that was being thrown by the Scheduler

Category icons not showing up on the map

Fix on the map styling on the Actions/Triggers module

Users and admin were not able to change their passwords  - this was due to some CSRF fixes

Users not being able to find locations using co-ordinates

Users not being able to subscribe for alerts from Trusted categories

All issues reside on github, but for more on the issues addressed, check this detailed bug tracking spreadsheet.

Security updates

There were also some security issues, which have since been addressed. Details of an XSS exploit were posted on exploits DB some time ago. This was initial fixed with a quick patch to the user admin view. However, XSS vulnerabilities were still present in other views and fields. You can grab the patch from the Security notice page Be sure to upgrade your deployments, those fixes are important. And, in case you come across any bugs or if you have a feature you would like, please add it as an issue on Ushahidi's github issues . Github Issues The new version of the platform is also available here and also on this github link. Thanks! We'd like to thank everyone who submitted bug reports and tested the release. As well, special thanks to Sharon Rutto, our Ushahidi intern for her testing.