|
From: | Daryl L. L. Houston |
Subject: | Re: [Phpgroupware-developers] phpGroupWare SECURITY RELEASE 0.9.14.006 - PLEASE UPDATE IMEDIATLY |
Date: | Tue, 22 Jul 2003 09:37:31 -0400 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 |
D Ralf Becker wrote:
Hi Daryl, due to the nature of the bug (Exploit) I will not post any details here.I recommend to use cvs as that will update your sources by mergeing in the changes only.You can even use it to get diff's between .14.005 and .006 (try a "cvs rdiff -u -r Version-0_9_14-branch-0_0_5 -r Version-0_9_14-branch-0_0_6 phpgwapi" within your phpGW install).Anyway I hope you already included the last security updates. Ralf Daryl L. L. Houston wrote:Any way the nature of the bug and a brief description of the fix (or a pointer to its location in the source code) could be posted? I've done enough customizations to my install that a wholesale update isn't really plausible, but I'd like to apply the fix if possible. Thanks,D Ralf Becker wrote:Hi all, this release fixes a just discovered exploit in phpGroupWare. The exploit works for *ALL* branches (.14, .16 and HEAD) !!! EVERYONE, PLEASE UPDATE IMEDIATLY !!!There is also one calendar bug fixed in this release: Dayview is displaying events again (was broken in .14.005) and germany manual files for some apps added.You can grab it via a cvs update or from http://phpgroupware.org/downloads/Cheers Ralf Becker on behalf of the phpGroupWare Development Crew
-- ========================== Daryl L. L. Houston Web Applications Developer Signage Solutions, LLC 865.342.8270
[Prev in Thread] | Current Thread | [Next in Thread] |