Answered: Is q2a 1.8.6 more secure than version 1.7.5?
Post date: 2022-05-16 20:43:47
Views: 190

Generally speaking: yes. It's practically always advisable to keep software up to date, because new versions fix known (potentially exploitable) bugs in older versions.

For more information you can review the version history. From a quick glance notable security improvements appear to be:

  • Security fix: prevent use of <embed> and <object> tags. (v1.8.4)
  • Reworked file cache to securely allow cache inside web root. (v1.8.0 beta 2)
  • Password security has been upgraded from sha1 to use PHP's password_hash function where available. (v1.8.0 beta 2)

You should also keep PHP, your webserver and your database updated, since those are part of the system's attack surface as well.
Please click Here to read the full story.
 
Other Top and Latest Questions:
Where can I ask the MetaFilter board all my burning questions?
Trump Media in talks to spin off Truth Social from DJT into independent stock
U.S. and Iran wrap up 'most intense' nuclear talks with no deal — more negotiations ahead
Gen Z is embracing the prenup, says family law attorney: ‘The taboo of divorces is long gone’
Trump angering MAHA with glyphosate order gives Democrats an opening
Pakistan bombs targets in Afghan cities, minister calls it 'open war'
Answered: Can I upload video in q2a by a plugin?
Amazon says drone strikes damaged 3 facilities in UAE and Bahrain
OpenAI's Altman admits defense deal 'looked opportunistic and sloppy' amid backlash
Monarch: Legacy of Monsters: Cause and Effect