Security
As discussed previously in forums, there are potential vulnerabilities identified in:
a) PM
b) Protector
modules.
While (a) is addressed by having Protector installed, and (b) is addressed by having "register_globals" disabled and having XOOPS_TRUST_PATH outside of the Document Root, we've addressed the issues in XOOPS 2.4.
However, since we don't know when exactly we'll release XOOPS 2.4, we're releasing this Security Patch for XOOPS 2.3.3 users.
Download: SourceForge XOOPS.
Installation: See the ReadMe.txt file
You are highly encouraged to implement the patch to your existing XOOPS 2.3.3 system.
Special thanks to Trabis, who addressed these issues.
a) PM
b) Protector
modules.
While (a) is addressed by having Protector installed, and (b) is addressed by having "register_globals" disabled and having XOOPS_TRUST_PATH outside of the Document Root, we've addressed the issues in XOOPS 2.4.
However, since we don't know when exactly we'll release XOOPS 2.4, we're releasing this Security Patch for XOOPS 2.3.3 users.
Download: SourceForge XOOPS.
Installation: See the ReadMe.txt file
You are highly encouraged to implement the patch to your existing XOOPS 2.3.3 system.
Special thanks to Trabis, who addressed these issues.
|
|
Login
Search
Recent Comments
Who's Online
Donat-O-Meter
| Stats | |
| Goal: | $100.00 |
| Due Date: | Apr 30 |
| Gross Amount: | $0.00 |
| Net Balance: | $0.00 |
| Left to go: | $100.00 |
 |
|