Geeklog 1.3.9sr1, 1.3.8-1sr5
- Tuesday, June 01 2004 @ 04:45 pm EDT
- Contributed by: Dirk
- Views: 10,132
Apparently, Spammers have found a way to post huge amounts of anonymous comment spam on various Geeklog sites, even though these sites had anonymous comments switched off.
The updates to Geeklog 1.3.9sr1 and Geeklog 1.3.8-1sr5 fix this problem now. Fixed versions of the affected comment.php are also available for 1.3.7sr5 and for 1.3.6, even though these versions aren't really supported any more and we would strongly advise you to upgrade.
Geeklog 1.3.9sr1 (which is also available as a complete tarball) includes additional fixes for several places where the topic permissions hadn't been checked properly as well as some other bugfixes that are not security-related (details can be found here).