Tech Support Posted February 18, 2022 Share Posted February 18, 2022 Update status 5.5.1 update status is FINAL. You can download update in KVS client zone for all your licenses: Update requirements KVS 5.0.0+ (earlier versions should be updated to KVS 5.0.1 first). PHP 7.1 - 7.4 (PHP 8 is not yet supported). If you haven't yet updated KVS to 5.0.1, then please do, you can find KVS 5.0.1 update information here: KVS 5.0.1 update Important notes for 5.5.1 N/A Please check important notes for 5.5.0 if you didn't yet update to this version. Please check important notes for 5.4.0 if you didn't yet update to this version. Please check important notes for 5.2.0 if you didn't yet update to this version. 5.5.1 update procedure Any project starting from 5.0.0 can be updated to 5.5.1 with one only procedure. Depending on your current KVS version, update procedure may contain additional steps for older versions. You must use KVS update plugin in order to update your project. For update you will need: KVS update ZIP archive for your project and its hash code for update plugin (contact support in beta phase to get these). FTP connection to your project so that you can upload files. Update procedure has the following steps: Create backup using Backup plugin. Upload update ZIP into KVS update plugin and specify hash code. KVS update plugin will notify you if there are any custom changes in KVS system files, which will be overridden by update (player skins are not checked here, so they will be silently updated if have custom changes). KVS update plugin will update database automatically. KVS update plugin will ask you to copy files from the archive on top of your project using FTP or filesystem copy. Please make sure you are NOT USING sync functionality in your FTP client, which will delete many files on your server, because obviously update archive contains only part of all files. What you need is just to drag and drop files from update archive on top of your project root folder and confirm their re-writing (excluding _INSTALL folder, it doesn't need to be copied). KVS update plugin will verify the updated files and finalize update procedure. Use System audit plugin to verify that everything looks good. Whats new in KVS 5.5.1 Maintenance release to fix recent security vulnerability, but also contains a dozen of enhancements that we were able to push through. Meanwhile we are slightly moving forward with the new admin panel GUI. 1) Security issue connected to remote URL upload was fixed in this update. Luckily, this breach could only be exploited in a limited set of conditions: On projects where Apache was not installed, and thus additional security layer was deactivated. For such projects it is required to configure Nginx to prevent accessing publicly writable directories. On projects where KVS files were installed under the same OS user as Apache was running. We extended audit security check to report these configuration issues as errors (previously were reported as warnings), so after update please make sure to run installation + security check in audit plugin and make sure you don't have any errors there. If you don't want to update to 5.5.1, you can apply security patch on top of 5.5.0, or you can disallow URL upload for public in Settings -> Content settings (Upload from URL option). If your version is very old and doesn't allow disabling URL upload in settings, it is highly recommended to update, otherwise your project may be vulnerable. 2) Exporting feeds optimized in terms of memory usage and output generation to allow generating bigger set of data without pagination. 3) Importing feeds now support automatic pagination, so they can be configured to query data with auto-skipping N videos from the previous requests to import all available video from the paginated feed. 4) Channels now also support synonyms. 5) IP blacklist in Anti-spam settings will now better support IPv6 addresses and masks of 2nd level (11.22.*). Previously only 3rd level masks (11.22.33.*) were supported. 6) DigiRegs plugin was finalized based on real-world testing and is finally ready for use. 7) In grabbers you can now use colons as part of replacement text, but it needs to be specified as a double colon (::). Also text replacements now support partial matches. 8) In stats settings we added summary of how much disk space is utilized to store particular type of stats. In some cases with specific stats enabled this could take GBs. Stats cleanup procedure will now clean up database tablespace as well. 9) In related videos it is now possible to use External Search plugin for generating related videos, for example to use external Sphinx server for that. 10) In list_members_events we added ability to show events of user's subscriptions (similar to showing events of user's friends). 11) Bugs that have been fixed: [CRITICAL] Security issue, see above. [MEDIUM] In some cases grabbers could create import tasks that would not process all videos or albums. [MEDIUM] 5.5.0 version could not allow including some traffic trade scripts due to function naming conflict. [LOW] Option that disallowed tags with specific characters didn't work correctly with non-latin characters. [LOW] Re-creating screenshots was not possible for embedded videos even if video URL was provided. [LOW] Player didn't show cuepoints on mobile devices. [LOW] Player didn't render subtitles after switching to another video quality. [LOW] Animated WebP images were not supported as manually uploaded screenshots and photos. [LOW] KVS didn't allow creating timeline screenshots for videos longer than 4 hours. [LOW] Several performance issues in admin panel when huge amount of videos. [LOW] Rotator interval change was not actually applied. [LOW] In some cases tag rename didn't add old tag name as a synonym. [LOW] In some cases deleting video screenshots could result in partially broken screenshots. 1 Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.