Topics

User Functions

Events

There are no upcoming events

What's New

Stories last 2 weeks

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Sunday, April 20 2014 @ 04:17 AM EDT

Reminder: Keep your site up to date

Security
  • Tuesday, July 31 2007 @ 03:00 PM EDT
  • Contributed by:
  • Views:
    5,283

Since we had a few reports about hacked Geeklog sites again, all of which turned out to be due to running on old and insecure versions, I'd like to remind you to please check for updates regularly and if there is a security update, that you install it ASAP - in your own interest.

At the time of this writing, the following Geeklog versions are considered "safe" in that there are no known security issues with them:

The 1.3.11 versions are not officially supported any more, but sites running on the latest incarnation (see above) should be fine.

Security issues may also lurk in plugins and other add-ons that you have installed, so you may want to check those for updates as well.

To keep up to date on new Geeklog releases (security-releases and otherwise), please use any of the following methods:

We always support the current and the previous versions of Geeklog, i.e. if necessary, we will release security fixes and the occasional bugfix for them. So currently, we're supporting Geeklog 1.4.1 and 1.4.0, while 1.3.11 and older are no longer supported.

Security updates are usually available as upgrade tarballs, containing only the files that have changed. Since security fixes won't normally change anything in the layout (themes) or database, they should be easy to install.

If you want to report a security issue, please see our Focus On Security manifesto and feel free to contact us at the email address listed there.

Trackback

Trackback URL for this entry:
https://www.geeklog.net/trackback.php/security-reminder

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Reminder: Keep your site up to date
  • Authored by:mevans on Tuesday, July 31 2007 @ 10:16 PM EDT
Media Gallery versions prior to v1.4.8b have a known and actively exploited vulnerability. If you are running an older version, you should upgrade to v1.5.0 as soon as possible as well.

---
gl Labs - extending Geeklog through plugins - www.gllabs.org
  • Reminder: Keep your site up to date
  • Authored by:andyofne on Thursday, August 30 2007 @ 11:36 PM EDT
Obviously you guys are on top of this. My site was attacked today. I'm analyzing my files to see if I can find anything out of place.

  • Reminder: Keep your site up to date
  • Authored by:jmucchiello on Friday, August 31 2007 @ 02:24 PM EDT
Post in the forums if you need help. More people will notice the forum post than a random comment on a month old story, even if it is the current featured story.
  • Reminder: Keep your site up to date
  • Authored by:LWC on Friday, August 31 2007 @ 06:49 PM EDT
Then again, only the 10 recent forum posts are highlighted and they're very dynamic. Comments are few and are highlighted in the left block of every page.
  • Calendar Program Question
  • Authored by:jkoveos on Friday, September 07 2007 @ 08:55 AM EDT
Hello there,
I'm looking to help out my town, by combining a few different calendars (churches, non-profs, and city events) into one and making it user friendly.

Please advise if at all possible on any things I can be looking for or what's available.
  • Calendar Program Question
  • Authored by:Dirk on Friday, September 07 2007 @ 02:38 PM EDT

Please start a new thread in the forum instead of hijacking a completely unrelated topic :-/