Menu
▾
▴
[Apc-aa-general] Security fix in AA - update from SVN recommended
|
From: Honza M. <hon...@ec...> - 2014-02-19 17:15:16
|
Hi all,
Gert Steenssens found SQL INJECTION problem in our SQL permission system,
which were there for a long time from its beginning phase.
All systems, which uses SQL based permission system should be updated (see
the line define("PERM_LIB", "sql") in your config.php3 script). The systems
which uses LDAP permission system are not affected.
The database structure is stable for quite a long time, so any update from
Subversion should be quite easy - just type:
svn update
The current AA in SVN works well with PHP 5.3, 5.4 and 5.5 and MySQL >= 5.0
(or MariaDB).
Thanks Gert for the report,
Honza
|
