Archive

Archive for March 5th, 2006

Geeklog 1.4.0sr2 and 1.3.11sr5

March 5th, 2006 No comments

[Geeklog]

Unfortunately, yet another Geeklog security issue has surfaced: Konstantin Dyakoff found an old bug in the session handling that would allow anyone to log in as any user. This bug exists in all Geeklog versions released since 2002.

To address this serious issue, we are releasing the 1.4.0sr2 and 1.3.11sr5 security updates and strongly suggest that you upgrade your site as soon as possible.

For details and upgrading instructions, please refer to the full release announcement.

Categories: News