Welcome to Geeklog Sunday, May 26 2013 @ 03:25 AM EDT
To address the recently posted exploits for insecure installations and for the mcpuk file manager, we are releasing Geeklog 1.4.0sr4.
In this release, we've removed the file manager altogether, so you will no longer be able to upload images through FCKeditor (this will be enabled again when we release Geeklog 1.4.1 with FCKeditor 2.3). We've also added additional protection against code execution in case of insecure installations but suggest that you really protect your Geeklog install properly as explained in the installation instructions and in the FAQ.
We are not releasing any updates for these issues as they wouldn't make much sense. In case of the first exploit, it's really an installation problem that should be fixed and in the case of the file manager, files will have to be removed (as explained in the article linked to above).
Please note that the first issue applies to all Geeklog releases, while the second only applies to all the 1.4.0 releases.
Here's what others have to say about 'Geeklog 1.4.0sr4':
The following comments are owned by whomever posted them. This site is not responsible for what they say.
What, exactly, are those directories used for?
-rob.
---
Geeklog components by PortalParts -- www.portalparts.com