A security issue was discovered in the Second Life 1.19.0(4) viewer released yesterday. Although we have no information indicating that it is being exploited, residents who downloaded the optional 1.19.0(4) viewer should update to 1.19.0(5). Earlier supported versions – 1.18.5(3), 1.18.4(3), 1.18.3(5) and 1.18.2(1) are unaffected and may still be used.
We have updated the “version manager” which is what our login system uses to enforce what versions can be used to log in login information. This will block only version 1.19.0(4) from logging in.
We are seeing a bug where the login “splash” page is erroneously reporting that users of all versions are being informed that they need to upgrade. This is incorrect – users with 1.18.5(3), for example, may log in. This bug is in our web site code and will be corrected as quickly as possible. We believe this issue was due to caching on both the client and the server and have corrected it.
Additionally, the Second Life 1.19.0(5) viewer also addresses an issue with upgrading from 1.18.x viewers where the voice chat preferences would not be preserved.