Welcome to Geeklog Friday, May 24 2013 @ 10:38 PM EDT
1000 students have now been accepted for this year's incarnation of the Google Summer of Code. We had a really hard time selecting from the mostly excellent applications for Geeklog and AptitudeCMS this year. In the end, we decided on the following students and their projects:
Congratulations to Barry, Kittipat, Phaneendra, Sean, Stan, Thomas, and Tim, and we're looking forward to working with you during the summer.
To those that didn't make the cut: Thanks again for your application. We had a lot of very good proposals this year and some of the decisions were really, really hard to make. If you have any questions regarding your application, please feel free to contact us through the usual channels.
Bookoo of the Nine Situations Group has posted yet another SQL injection exploit. This time, the problem is in usersettings.php and can again be used by an attacker to extract the password hash for any account. Geeklog 1.5.2sr4 fixes this issue and is available for download
Geeklog 1.5.2sr3 addresses the recently published exploit for an SQL injection in the webservices. It is available for download
After installing this update, you can enable the webservices again if you need them (or leave them disabled if you don't - they are not an essential feature, unless you happen to be using an AtomPub client to post articles).
If you need help in setting up or using Geeklog, please see the documentation, the FAQ, the Wiki, try our search page or browse through the Support Forum. Chances are someone else already had the same problem.
More resources are listed on the support page.
If you still can't find an answer, feel free to post in the forum.
Need help now? Try our web-based IRC chat.