Resources

Getting started

Support

Development

Topics

User Functions

Events

There are no upcoming events

What's New

Stories

1 new Stories in the last 2 weeks

Comments last 2 weeks


Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Sunday, May 26 2013 @ 03:25 AM EDT

> >

Geeklog 1.4.0sr4

Security
  • Friday, June 30 2006 @ 05:25 PM EDT
  • Contributed by:
  • Views:
    7,636

To address the recently posted exploits for insecure installations and for the mcpuk file manager, we are releasing Geeklog 1.4.0sr4.

In this release, we've removed the file manager altogether, so you will no longer be able to upload images through FCKeditor (this will be enabled again when we release Geeklog 1.4.1 with FCKeditor 2.3). We've also added additional protection against code execution in case of insecure installations but suggest that you really protect your Geeklog install properly as explained in the installation instructions and in the FAQ.

We are not releasing any updates for these issues as they wouldn't make much sense. In case of the first exploit, it's really an installation problem that should be fixed and in the case of the file manager, files will have to be removed (as explained in the article linked to above).

Please note that the first issue applies to all Geeklog releases, while the second only applies to all the 1.4.0 releases.

What's Related

Story Options

Trackback

Trackback URL for this entry:
http://www.geeklog.net/trackback.php/geeklog-1.4.0sr4

Here's what others have to say about 'Geeklog 1.4.0sr4':

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Geeklog 1.4.0sr4
  • Authored by:griffman on Saturday, July 01 2006 @ 09:43 AM EDT
I'm assuming the files that are already there (test.pdf, index.html, some pictures and icons) are part of the GL distribution, correct?

What, exactly, are those directories used for?

-rob.
  • Geeklog 1.4.0sr4
  • Authored by:Blaine on Saturday, July 01 2006 @ 10:50 AM EDT
Those directories are used with the fckeditor - default folders for storing images, files (media types). The test.pdf and a few images are there as example images and files.

---
Geeklog components by PortalParts -- www.portalparts.com

Post a Comment

Your Name
Create Account
Allowed HTML Tags:
<p>, <b>, <strong>, <i>, <a>, <em>, <br>, <tt>, <hr>, <li>, <ol>, <ul>, <code>, <pre>, [code], [raw], [page_break], [staticpage:]InformationInformation[staticpage: id alternate title] - Displays a link to a static page using the static page title as the title. An alternate title may be specified but is not required. , [event:]InformationInformation[event: id alternate title] - Displays a link to an Event Link from the Calendar using the Event Title as the title. An alternate title may be specified but is not required. , [poll:]InformationInformation[poll: id alternate title] - Displays a link to a poll using the Poll Topic as the title. An alternate title may be specified but is not required. , [link:]InformationInformation[link: id alternate title] - Displays a link to a Link from the Links Plugin using the Link Title as the title. An alternate title may be specified but is not required. , [faq:], [forum:]InformationInformation[forum: id alternate title] - Displays a link to a forum topic using the text 'here' as the title. An alternate title may be specified but is not required. , [file:], [story:]InformationInformation[story: id alternate title] - Displays a link to a Story using the Story Title as the title. An alternate title may be specified but is not required. , [user:]InformationInformation[user: name alternate title] - Displays a link to a User using the Username as the title. An alternate title may be specified but is not required.
 

Security code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

What code is in the image?
Enter the bolded text, case sensitive!
Important Stuff
  • Please try to keep posts on topic.
  • Try to reply to other people comments instead of starting new threads.
  • Read other people's messages before posting your own to avoid simply duplicating what has already been said.
  • Use a clear subject that describes what your message is about.
  • Your email address will NOT be made public.