XOOPS: XOOPS 2006/05/23 security patch released

Posted by: skalpaOn 2006/5/23 3:20:00 11807 reads
The 2006/05/23 security patch has been released to fix the security issue disclosed as Secunia Advisory 20176.

Please note that this issue only concerns servers configured with register_globals set to on, which is not recommended.

But we recommend that every XOOPS 2.X user apply it, especially those who are forced to use a 2.0.x version older than 2.0.13.2, since the additional protection it contains may protect you from other issues known to these old versions.

Download: XOOPS 2006/05/23 security patch (.tar.gz) XOOPS 2006/05/23 security patch (.zip) Installation instructions: - MAKE A BACKUP COPY OF mainfile.php - Ensure the web server has write access to this file - Upload the security060523 folder and its content to your XOOPS document root - Login as an administrator - Apply the patch by browsing to /security060523/ - DELETE THE PATCH FOLDER - WRITE-PROTECT mainfile.php AGAIN The XOOPS development team.