Archive

Archive for June 17th, 2007

Serendipity 1.1.3

June 17th, 2007 No comments

[Serendipity]

Serendipity 1.1.3 has been released due to a SQL injection vulnerability reported by Dr. Neal Krawetz today. It is possible to abuse a ‘commentMode’ variable to inject SQL code that was targeted to the function that fetches comment information. This variable was introduced to Serendipity 1.1, so all prior versions are not affected.

Please update your blogs as soon as possible. For full details, please refer to the release announcement.

Categories: News

Pivot 1.40.3

June 17th, 2007 No comments

[Pivot]

Pivot 1.40.3 contains some minor bugfixes that were discovered after the release of 1.40.2. For a changelog, and instructions on how to install or upgrade, please see the release announcement.

Categories: News