From: Greg M. <gm...@gm...> - 2005-12-31 21:42:25
|
Hate to reply to my own posting, but... The sourceforge page still lists a 1.7 & 1.8 download \\Greg Greg Martin wrote: > I remember doing the 1.8.6 upgrade due to security concerns (8/22 > message on this list) but never saw anything saying it was insecure. > Thanks for the tip. > > \\Greg > > Damian Parker wrote: > >> Greg Martin wrote: >> >>> I didn't see an announcement. When was this discovered? >>> >>> \\Greg >> >> >> >> Quite some time now, I think from memory since 1.9.1 was released. >> >> Another big key to security is not just using the latest version, but >> you also require a .htaccess or a VirtualHost entry to restrict >> directory access to certain folders. This prevents uploaded >> malicious scripts from being executed and certain parts of your >> tikiwiki from being discovered. >> >> These are covered in the articles on tikiwiki.org. >> > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click > _______________________________________________ > Tikiwiki-devel mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-devel > |