We've released Bolt 3.2.5 as a maintenance and security release. Swiftmailer, one of the libraries Bolt uses, released a security update today, in which a serious vulnerability was fixed. For more information about this, see:
(loading tweet) https://twitter.com/x/status/814416314429308928
Although we are not aware of a way to exploit this vulnerability in existing Bolt installations, it is our policy to pass on security patches immediately. We strongly recommend all Bolt users to upgrade their installations.
- Security: Update Swiftmailer to
^5.4.5per CVE-2016-10074. #6204
- Added: Added "Save" button in Live editor. #6178 #6182
- Fixed: Frontend no longer starting a session, when it shouldn't. #6196, #35
- Fixed: Don't persist unset fields on update. #6199
- Fixed: Fix regex in yamlupdater. #6197
- Fixed: Slug generation with multiple fields respect ordering now. #6191
Installation & Upgrade
To install this version from scratch, follow the instructions on the updated installation page in the documentation, as can be found here: Installing Bolt.
To do a 15-second install, use the following:
curl -O https://bolt.cm/distribution/bolt-latest.tar.gz tar -xzf bolt-latest.tar.gz --strip-components=1 php app/nut init
After this, you might need to set the correct permissions for the cache and image folders. Check our documentation on File system permissions. If you have any questions or remarks, post a comment below, or join us on Slack or IRC.