10 Aug 2011
Some of you might heard about the security flaw within XxxXxxxx, a PHP script that dynamically generates image thumbnails on the fly. XxxXxxxx is widely used in many themes as well as our themes. Shortly after the security flaw was found, Mark Maunder released a secure version called XxxxXxxxx. We've updated our framework with XxxxXxxxx. For security concern, we highly recommend everyone to upgrade with the latest version. To upgrade the theme/framework, download the latest theme zip from our server and replace the "themify" folder and any updated files (you can view the changelogs here). If you just want to upgrade the affected XxxXxxxx file, download a copy of XxxxXxxxx and replace the img.php file in the "themify" folder with XxxxXxxxx. Here is a tutorial on how to upgrade theme. Along with the XxxxXxxxx update, we also added the post image in RSS feeds. Now you have an option to whether include the post image in the RSS feeds.