[mambo] Mambo 4.5.2.2 is out! [SECURITY PATCH]
kirill at hostnetservices.com
kirill at hostnetservices.com
Thu Jun 2 11:39:26 EDT 2005
Mitch,
The only patch I see is for 4.5.2, but I have one site that is using
4.5.1.
Also what modules are affected - I looked at the 4.5.2.2 patch and see
only two files:
frontend.html.php
content.html.php
Thanks,
Kirill
Mitch Pirtle <mitch.pirtle at gmail.com>
Sent by: mambo-bounces at lists.nyphp.org
06/02/2005 12:14 AM
Please respond to
"NYPHP SIG: Mambo" <mambo at lists.nyphp.org>
To
"NYPHP SIG: Mambo" <mambo at lists.nyphp.org>
cc
Subject
[mambo] Mambo 4.5.2.2 is out! [SECURITY PATCH]
Hi gang,
Apologies for the cross post.
There was a security issue found in the included domit-xml xml parsing
library in the current version of Mambo, which we have fixed with this
release (4.5.2.2). The vulnerability includes information disclosure,
including the contents of your configuration.php - so this is an
immediate, critical upgrade.
You can get the full version or patch at MamboForge:
http://mamboforge.net/frs/?group_id=5
--
Mitch Pirtle
Mambo Core Developer
_______________________________________________
New to Mambo? Get a great start here:
http://forum.mamboserver.com/showthread.php?tB100
New York PHP SIG: Mambo Mailing List
AMP Technology
Supporting Apache, MySQL, PHP & Mambo!
http://lists.nyphp.org/mailman/listinfo/mambo
http://www.nyphp.org
ForwardSourceID:NT0002EA9A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20050602/c565caaf/attachment.html>
More information about the Joomla
mailing list