The secure CMS.

Resources

Getting started

Support

Development

Topics

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?


What's New

Stories

No new stories

Comments last 2 days


Trackbacks last 2 days

No new trackback comments

NEW FILES last 14 days


Links last 2 weeks

No recent new links

Welcome to Geeklog
Friday, September 03 2010 @ 03:24 AM EDT

Geeklog 1.6.1sr1 and 1.5.2sr6

Sunday, May 09 2010 @ 02:15 PM EDT

Contributed by: Dirk

Views: 1,237

Security

You may remember the flurry of security issues that Bookoo of the Nine Situations Group reported for Geeklog in April last year. Well, it looks like we missed one issue in those reports: Geeklog's auto login feature is vulnerable to brute force / dictionary attacks. To fix this, we are releasing the following security updates:

Other versions: The issue is also fixed in Geeklog 1.7.0 (but present in the 1.7.0 beta and release candidate). The 1.5.2sr6 upgrade can also be used for Geeklog 1.6.0, 1.5.1, and 1.5.0. Earlier versions were not tested - we really recommend to upgrade to a newer version (1.6.1sr1 or 1.7.0) instead.

What's Related

Story Options

Trackback

Trackback URL for this entry: http://www.geeklog.net/trackback.php/geeklog-1.6.1sr1

Here's what others have to say about 'Geeklog 1.6.1sr1 and 1.5.2sr6':

Geeklog 1.7.0 - Geeklog
[...] loss of data. For other improvements, please see the list of changes. Of course, it also addresses the latest security issue . We would also like to thank all those students again who applied for the Google Summer of Code 2010 and submitted [...] [read more]
Tracked on Sunday, May 09 2010 @ 02:18 PM EDT

Geeklog 1.7.0 est disponible - Geeklog France
[...] reportez vous à la liste des changements. Cette version corrige aussi la dernier problème de sécurité . Certains patches soumis par les étudiants du Google Summer of Code 2010 sont déjà dans la [...] [read more]
Tracked on Monday, May 10 2010 @ 03:10 AM EDT

Publicado importante parche de seguridad para Geeklog 1.5.2 y 1.6.1.
[...] aplicar el parche de seguridad, que simplemente consiste en reemplazar el fichero system/lib-sessions.php. Fuente: Geeklog . Opciones: Imprimir | Recomendar | Enlace permanente Enviar a: Twitter | Facebook | Wikio | Menéame | Enchílame | [...] [read more]
Tracked on Monday, May 10 2010 @ 02:09 PM EDT

Geeklog 1.6.1sr1 and 1.5.2sr6 | 0 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.

© 2002-2010 Geeklog
Created this page in 0.28 seconds 		Powered by Geeklog 1.7.0 
Hosted by pair.com