August 11, 2011 at 4:26 pm #5401
I see someone mentioned about this in the Avisio forum but I have two sites using the Levitation theme.
Firstly, if Auto Scaling is off in the Theme Options is it safe to delete the script completely and save any further problems? Or maybe just empty the file as you suggested in the Avisio forum but keep the file in place.
But if Auto Scaling is on how do I go about updating the script for the Levitation theme? I tried to replace the code in timthumb.php with the new version of this script but it didn’t work.
Thanks in advance.August 11, 2011 at 4:32 pm #50041
Kriesi already works on updates. There’s no need to panic though because hacker can find better targets than private or small business sites.October 11, 2011 at 7:15 pm #50042
Hi, in the version.rtf file of 1.3.2 it says…
“file: framework/includes/timthumb.php : updated file for security reasons to latest version”
But I don’t understand what this means. There is no files in levitation/includes when I extract the zip.
‘includes’ is just an empty folder that wasn’t there in the previous version of the theme.
And levitation/timthumb.php is exactly the same as before.
I don’t understand what’s been updated. Can you explain it please.
Thanks.October 12, 2011 at 7:24 am #50043
Yes – I checked my levitation copy and Kriesi forgot to update the script. I’ll notify him to release an updated version asap.October 12, 2011 at 9:09 am #50044October 12, 2011 at 4:25 pm #50045October 28, 2011 at 11:41 am #50046
Dude, has the Timthumb issue been corrected for the Levitation theme? I’d like to purchase it ASAP, but will wait until the fix is in place.October 30, 2011 at 2:29 am #50047
You can edit the timthumb.php file to be likethis, this should solve the security issue though I’m uncertain if any other adjustments need to be made to function correctly with the Levitation theme.
I’ll check with Kriesi.November 2, 2011 at 12:12 pm #50048November 3, 2011 at 3:01 am #50049
Hey! yes the theme was updated a while ago with the latest version of timthumb ;)
KriesiNovember 18, 2011 at 2:28 pm #50050
No it wasn’t. And still isn’t. I quote from above…
“Yes – I checked my levitation copy and Kriesi forgot to update the script. I’ll notify him to release an updated version asap.”November 18, 2011 at 6:46 pm #50051
The topic ‘TimThumb security issue’ is closed to new replies.