Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 12:06 pm EST

Geeklog 1.5.2sr1

  • Monday, March 30 2009 @ 02:40 pm EDT
  • Contributed by:
  • Views: 11,599
Security

Fernando Muñoz reported a possible XSS in the query form on most admin panels that we are fixing in this release.

You can download an upgrade archive for Geeklog 1.5.2 or the complete 1.5.2sr1 tarball to upgrade from any previous version.

The upgrade tarball contains only one file and should also work as a quick fix for Geeklog 1.5.0 and 1.5.1. We do recommend upgrading to 1.5.2sr1 from those versions, though, due to various other bugs that have since been fixed.

Fernando is one of the students applying for participation in the Google Summer of Code with Geeklog, btw. Which just goes to show that it's always good to have a fresh pair of eyes looking over your code. Thanks, Fernando!

On a side note, a recent security issue that was reported for glFusion (a fork of Geeklog) does not affect any of the currently released versions of Geeklog. It does, however, affect the current development version (what will become Geeklog 1.6.0). We will address that issue before the release of Geeklog 1.6.0.