XOOPS: XOOPS 2.0.13 Security Release

Posted by: Mithrandiron 2005/7/2 9:44:55 14562 reads
Earlier this week, I had some conversations with James from GulfTech Research and Development about a security hole in the XML-RPC interface.

We worked together on finding a solution and also found one - but unfortunately it was not a universal solution, which we now correct with XOOPS 2.0.13 that also solves some other sanitation issues where the server's magic_quotes_gpc settings was not taken correctly into consideration.

Everyone is urged to upgrade to 2.0.13 at earliest convenience and the XOOPS Core Development team apologizes for the high frequency of updates this week.

Upgrade Instructions
1. Download Patch
2. Extract Patch
3. Upload Patch files (four files) to webserver
4. That's it - no need to update System Module for this one

XOOPS 2.0.13 Stable
.zip | tarball
XOOPS 2.0.12a to 2.0.13 patch
.zip | tarball