Generally speaking: yes. It's practically always advisable to keep software up to date, because new versions fix known (potentially exploitable) bugs in older versions.
For more information you can review the version history. From a quick glance notable security improvements appear to be:
- Security fix: prevent use of <embed> and <object> tags. (v1.8.4)
- Reworked file cache to securely allow cache inside web root. (v1.8.0 beta 2)
- Password security has been upgraded from sha1 to use PHP's password_hash function where available. (v1.8.0 beta 2)
You should also keep PHP, your webserver and your database updated, since those are part of the system's attack surface as well. |