Tracker: Patches
This patch is released to plug a major security hole
discovered by a good-minded php developer while playing
around with the netjuke.
Simply download the patch attached to this article (see
bottom of the page: netjuke-patches-1.0b6.2.tar.gz),
unpack it somewhere, and replace the following files
with the new ones.
- netjuke/community.php
- netjuke/pl-shrd-list.php
- netjuke/pl-shrd-view.php
Details on the security hole, as provided by the
sender, have been posted to the netjuke-users mailing
list. The following patches will secure your install,
but I will still be looking for a way to erradicate the
potential for remote exploits even further in future
versions.
Great thanks go to Peter Vreugdenhil who discovered the
hole, and emailed me about it so I could fix this. I am
making this patch available 30 minutes after first
learning about the issue. Not to shabby, right? ;o).
Happy (secure) Streaming!
Stephane
Nobody/Anonymous
None
None
Public
Comment ( 1 )
|
Date: 2002-01-26 12:13 Logged In: YES |
Attached File ( 1 )
| Filename | Description | Download |
|---|---|---|
| netjuke-patches-1.0b6.2.tar.gz | Download |
Changes ( 6 )
| Field | Old Value | Date | By |
|---|---|---|---|
| status_id | Open | 2002-01-26 12:13 | epsi |
| resolution_id | None | 2002-01-26 12:13 | epsi |
| close_date | - | 2002-01-26 12:13 | epsi |
| File Added | 16607: netjuke-patches-1.0b6.2.tar.gz | 2002-01-23 02:44 | epsi |
| File Deleted | 16604: | 2002-01-23 02:44 | epsi |
| File Added | 16604: netjuke-patches-1.0b6.2.tar.gz | 2002-01-23 01:55 | epsi |
About SourceForge
Develop Software
Community
Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use
