News:

CPG Release 1.6.28
added submissions from {406man}
cleaned up a few PHP (8.4) deprecations
fixed PHP deprecation in calendar
removed security vulnerability
(please upgrade when possible)

Main Menu

Security Patch

Started by haggis, October 19, 2003, 03:52:01 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

haggis

October 19, 2003, 03:52:01 AM
Will there be (is there now) a security patch for the SQL injection vulnerability in 1.0, 1.1, etc.? The FAQ suggests one will be available Real Soon Now. Version 1.2 doesn't mention it one way or the other. Having been bitten by the previous vulnerability I'm eager to patch as soon as possible.

Tarique Sani

#1
October 19, 2003, 04:11:23 AM
AFAIK and can check the code the SQL injection flaw was fixed by Greg himself BUT never marked as fixed
SANIsoft PHP applications for E Biz

Joachim Müller

#2
October 19, 2003, 12:21:47 PM
I'll edit the faq asap

GauGau
Print
Go Up Pages1
User actions