Answered: Is q2a 1.8.6 more secure than version 1.7.5?
Post date: 2022-05-16 20:43:47
Views: 193

Generally speaking: yes. It's practically always advisable to keep software up to date, because new versions fix known (potentially exploitable) bugs in older versions.

For more information you can review the version history. From a quick glance notable security improvements appear to be:

  • Security fix: prevent use of <embed> and <object> tags. (v1.8.4)
  • Reworked file cache to securely allow cache inside web root. (v1.8.0 beta 2)
  • Password security has been upgraded from sha1 to use PHP's password_hash function where available. (v1.8.0 beta 2)

You should also keep PHP, your webserver and your database updated, since those are part of the system's attack surface as well.
Please click Here to read the full story.
 
Other Top and Latest Questions:
Where can I ask the MetaFilter board all my burning questions?
World's largest sovereign wealth fund's bets on Big Tech and banking drive gains
Core wholesale prices rose 0.8% in January, much more than expected
OpenAI announces $110 billion funding round with backing from Amazon, Nvidia, SoftBank
The Strait of Hormuz is facing a blockade. These countries will be most impacted
The digital front: Iran’s internet down for over 60 hours amid reports of cyberattacks
South Korea defense stocks soar with heavyweight Hanwha Aerospace surging 25% as traders react to Iran war
OpenAI's Altman admits defense deal 'looked opportunistic and sloppy' amid backlash
Frieren: Beyond Journey's End: A Demon-Slaying Request
Saturday Night Live: Connor Storrie/Mumford & Sons