Release Notes

What's new and what's fixed!

Carousel 7.4.5

February 14, 2019
  • Bug CSL-1683 | Security: Carousel API RenderingFetch Method is Vulnerable to Local File Inclusion (LFI) - Fixed a security issue where the RenderingFetch endpoint could access local files.
  • Bug CSL-2399 | Security: Malicious Files Can Be uploaded to the Server - Fixed a security issue where executable scripts could be uploaded to the server.
  • Bug CSL-2405 | Security: Change Admin PW on Install / Update - Implemented a workflow to force users to change the default password supplied during installation for security reasons.
  • Bug CSL-1957 | Change Default Password Hash Algorithm - Security enhancements.
  • CSL-2438 - Install with REMOTE_SQL=1 flag fails - Carousel installation completes as expected with remote SQL.
Platform
BasicsFeaturesDeploymentMedia PlayersAPI
Support
Support CenterRelease NotesStarter Channels
Resources
VideosContent IdeasFresh FeedThe Carousel Way
About
Contact UsOur TeamOur Story
Carousel Cloud
Carousel Cloud Home
( p ) 612-261-1000  ( e ) cms@carouselsignage.com
Legal
|
Privacy Policy
|
GDPR Compliance Statement