Answered: Is q2a 1.8.6 more secure than version 1.7.5?
Post date: 2022-05-16 20:43:47
Views: 168

Generally speaking: yes. It's practically always advisable to keep software up to date, because new versions fix known (potentially exploitable) bugs in older versions.

For more information you can review the version history. From a quick glance notable security improvements appear to be:

  • Security fix: prevent use of <embed> and <object> tags. (v1.8.4)
  • Reworked file cache to securely allow cache inside web root. (v1.8.0 beta 2)
  • Password security has been upgraded from sha1 to use PHP's password_hash function where available. (v1.8.0 beta 2)

You should also keep PHP, your webserver and your database updated, since those are part of the system's attack surface as well.
Please click Here to read the full story.
 
Other Top and Latest Questions:
These names on Josh Brown's best stocks list showed strength during last week's volatility. One is forming a 'golden cross'
Devon, Coterra merge to create U.S. shale giant in $58 billion deal
Answered: I'll be taking custom jobs/orders for Q2A
Pinterest CEO rebukes, fires 'obstructionist' employees who created tool to track layoffs
Washington Post begins widespread layoffs, sharply shrinking storied newspaper's reach
A surprising share of homeowners have high mortgage rates. Here's the breakdown
Eli Lilly blows past quarterly estimates, posts strong outlook as Zepbound and Mounjaro sales soar
Private payrolls rose by just 22,000 in January, far short of expectations, ADP says
Trump admin to withdraw 700 federal officers from Minnesota: Homan
Fed pick: Tillis doubles down on Warsh blockade over concerns about central bank independence