Welcome to Geeklog Wednesday, May 22 2013 @ 01:28 PM EDT
Fernando Muñoz reported a possible XSS in the query form on most admin panels that we are fixing in this release.
The upgrade tarball contains only one file and should also work as a quick fix for Geeklog 1.5.0 and 1.5.1. We do recommend upgrading to 1.5.2sr1 from those versions, though, due to various other bugs that have since been fixed.
Fernando is one of the students applying for participation in the Google Summer of Code with Geeklog, btw. Which just goes to show that it's always good to have a fresh pair of eyes looking over your code. Thanks, Fernando!
On a side note, a recent security issue that was reported for glFusion (a fork of Geeklog) does not affect any of the currently released versions of Geeklog. It does, however, affect the current development version (what will become Geeklog 1.6.0). We will address that issue before the release of Geeklog 1.6.0.
[...] une upgrade archive for Geeklog 1.5.2 ou la complete 1.5.2sr1 tarballArticle original http://www.geeklog.net/article.php/geeklog-1.5.2sr1 Ressources upgrade archive for Gee... complete 1.5.2sr1 tarball http://www.geeklog.net/... [...] [read more]
[...] 1.5.2 o bien el paquete completo de Geeklog 1.5.2sr1 para actualizar desde cualquier versión de Geeklog. Fuente: Geeklog. Fuente: Alcance Libre Leave a Reply Name (required) Mail (will not be published) (required) Website POPULAR COMMENTS [...] [read more]